How to connect to MySQL with TLS

To connect to your database you need to download the ISRG Root X1.crt certificate from Let's Encrypt Click to download
Then you may need to modify your code to allow the use of encrypted database traffic.

HeidiSQL

How to configure this go to the "SSL" tab in HeidiSQL and check the box "Use SSL" then select the "SSL CA certificate" this will be the location of the ISRG Root X1.crt
Keep the other variables empty or on their default value. Save this configuration and your database traffic is now encrypted and secure.

Python based Discord bots

You will need to make an config like this where the "ssl" statement is present. Use for the "MYSQLHOST" the hostname instead of the IP address otherwise the authentication will fail.

import pymysql
db_config = {
    'host': MYSQLHOST,  # Change this to your MySQL host
    'user': MYSQLUSER,  # Your MySQL username
    'password': MYSQLPASSOWRD,  # Your MySQL password
    'database': MYSQLDATABASE,  # Your database name
    'cursorclass': pymysql.cursors.DictCursor,
    'ssl': {
        'ca': 'isrgrootx1.pem', # Location of the root certificate
    }
}

Disclaimer

Some clients are known to not work with encrypted database connections. Using this as an developer will reduce your attack surface but it may still be possible to snoop on the "Database > Server" connection.

Was this answer helpful? 1 Users Found This Useful (1 Votes)