#253 MySQL SSL settings do not always require the sslkey option - Ruby on Rails

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

This project is archived and is in readonly mode.

#253 ✓resolved

MySQL SSL settings do not always require the sslkey option

Reported by Micah Wedemeyer | May 25th, 2008 @ 09:58 PM

Using the MySQL SSL settings in database.yml is conditional on there being an 'sslkey' option set. While this is sometimes the case, it's not always necessary. In many cases the only required option to set is the 'sslca' (certificate authority) file. This file is always required, even when the 'sslkey' option is also set.

Taken straight from the MySQL docs at: http://dev.mysql.com/doc/refman/...

If the account has no special SSL requirements or was created using a GRANT statement that includes the REQUIRE SSL option, a client can connect securely by using just the --ssl-ca option:

The patch just changes the conditional to check if 'sslca' is set instead of looking for 'sslkey'.

I have tested this on my local setup using only the sslca option. The connection worked fine and was being encrypted correctly (ie. I could see the SSL cipher when running the command 'SHOW STATUS LIKE 'Ssl_cipher';')

I apologize if the git patch is not correctly formatted. This is my first experience with git.

0001-Updated-MysqlAdapter-to-check-for-sslca-option-inste.patch 1.2 KB

Comments and changes to this ticket

Pratik May 25th, 2008 @ 10:38 PM
- Title changed from “[PATCH] MySQL SSL settings do not always require the sslkey option” to “MySQL SSL settings do not always require the sslkey option”
You flagged this item as spam.
Micah Wedemeyer May 25th, 2008 @ 11:00 PM
I forgot to update the comments to add the sslca option. It's actually been in the code for a while, but never made it into the comments.
Attaching a patch with the updated comments.
- 0001-Updated-MysqlAdapter-comments-to-list-the-sslca-opti.patch 1.3 KB
Repository July 12th, 2008 @ 03:01 AM
- State changed from “new” to “resolved”
- Tag set to “activerecord, patch, ssl”
(from [5e2e1ed9ffc481a91596d8c3fd9a68d7977e75ca]) Ensure MysqlAdapter allows SSL connection when only sslca is supplied. [#253 state:resolved]
Signed-off-by: Pratik Naik
http://github.com/rails/rails/co...
You flagged this item as spam.
klkk May 23rd, 2011 @ 02:53 AM
- Importance changed from “” to “”
louisvuittonwarehouse.com
You flagged this item as spam.
klkk May 23rd, 2011 @ 02:55 AM
www.louisvuittonwarehouse.com

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>

Shared Ticket Bins (Sort)

↓↑ drag 455 Open Bugs
↓↑ drag 0 Recent Open Tickets
↓↑ drag 87 Open Patches
↓↑ drag 0 Open Doc Patches
↓↑ drag 542 Stale Tickets
↓↑ drag 3 Verified Patches
↓↑ drag 87 Stale Patches
↓↑ drag 0 Yesterday's Tickets
↓↑ drag 0 Two Days Ago
↓↑ drag 0 This Week
↓↑ drag 0 Last Week
↓↑ drag 7 Bugmash
↓↑ drag 0 Bugmash review queue
↓↑ drag 5 Rails 3 High Priority Tickets

People watching this ticket

Attachments

0001-Updated-MysqlAdapter-t... 1.2 KB
0001-Updated-MysqlAdapter-c... 1.3 KB

Rails Ruby on Rails