<< previous page   --   table of contents   --   next page >>
| | | | | | | |
  • Return to Table of Contents
    • Table of Contents
    1. General Information
    2. MySQL Installation
    3. Tutorial Introduction
    4. Database Administration
    5. MySQL Optimisation
    6. MySQL Language Reference
    7. MySQL Table Types
    8. MySQL APIs
    9. Extending MySQL
    Chapter 4:  Database Administration 225 4.3.9  Using Secure Connections 4.3.9.1  Basics MySQL has support for SSL encrypted connections.  To understand how MySQL uses SSL, we need to explain some basics about SSL and X509.  People who are already aware of it can skip this part. By default, MySQL uses unencrypted connections between client and server.  This means that someone could watch all your trac and look at the data being sent/received. Actually, they could even change the data while it is in transit between client and server.  Sometimes you  need  to  move  really  secret  data  over  public  networks  and  in  such  a  case  using  an unencrypted connection is unacceptable. SSL  is  a  protocol  which  uses  di erent  encryption  algorithms  to  ensure  that  data  which comes from public network can be trusted.  It has mechanisms to detect any change, loss or replay of data.  SSL also incorpores algorithms to recognise and provide identity veri cation using the X509 standard. Encryption  is  the  way  to  make  any  kind  of  data  unreadable.   In  fact,  today's  practice requires many additional security elements from encryption algorithms.  They should resist many kind of known attacks like just messing with order of encrypted messages or replaying data twice. X509 is a standard that makes it possible to identify someone in the Internet.  It is most commonly used in e-commerce applications.  In basic terms, there should be some company called  "Certi cate  Authority"  which  assigns  electronic  certi cates  to  anyone  who  needs them.   Certi cates rely on asymmetric encryption algorithms which have two encryption keys - public and secret.  A certi cate owner can prove his identity by showing his certi cate to other party.  A certi cate consists of his owner's public key.  Any data encrypted with this public key can only be decrypted using the corresponding secret key, which is held by the owner of the certi cate. MySQL  doesn't  use  encrypted  on  connections  by  default,  because  this  would  make  the client/server protocol much slower.  Any kind of additional functionality requires computer to do additional work and encrypting data is CPU-intensive operation require time and can delay MySQL main tasks.  By default MySQL is tuned to be fast as possible. If you need more information about SSL/X509/encryption, you should use your favourite internet search engine and search for keywords you are interested in. 4.3.9.2  Requirements To get secure connections to work with MySQL you must do the following: 1.  Install the OpenSSL library. We have tested MySQL with OpenSSL 0.9.6. http://www. 2.  Con gure MySQL with --with-vio --with-openssl.
     

    Customer Support CentreMySQL Reference Manual

    Web Hosting Services
    UNIX WEB HOSTING
    SUPPORT & FAQ's
    TERMS OF USE
    Domain Services
    DOMAIN REGISTRATION
    MANAGE YOUR ACCOUNT
    SUPPORT & FAQ's
    TERMS OF USE
    SITE MAP
    Home
    Hosting Plans | Domain Registration | About Us | Contact Us | Site Map
    Terms of Use | Privacy Policy | Guarantees
    Merchant Accounts

    SpiritHost - web hosting for spiritual and education sites
    SpiritHit.com - Religious and Spiritual Portal

    Copyright © 2002 Dyntex Group, Inc. All Rights Reserved

  • Return to Table of Contents
    		•
  • Back to top
    • Web Hosting: Manuals & FAQ's
    1. Unix-Based Web Hosting
    2. Unix Dedicated Servers
    3. Windows Dedicated Servers
    4. CuteFTP User’s Guide
    5. CuteHTML User’s Guide
    6. WS_FTP Pro User's Guide
    7. Miva Order User's Guide
    8. Miva Merchant User's Guide