5
votes

I set up SSL on my MySQL server.

I generated a few certificates for the CA (ca.pem, ca-key.pem), for the client (client-cert.pem, client-key.pem) and for the server (server-cert.pem and server-key.pem).

In the Spring Boot configuration file, here is the link to MySQL defined in the application.yml file: jdbc:mysql://host:3306/bdd_name?useUnicode=true&characterEncoding=utf8&useSSL=true&requireSSL=true

I verify that my certificates are with openssl verify and I also verify by using a mysql client to set up a connection.

How do I link the Spring Boot application to my certificates (I have *.pem files) to finish my configuration?

2
Can you explain what you are trying to get Spring Boot to achieve? - PaulNUK
My Spring Boot application needs to connect to the database in secure mode to do operations (select, insert, update, ...) on data used in the application. My question is how to configure the certificates to allow the MySQL server to accept the requests of the Spring application? - Youssouf Maiga
It works well without SSL. The datasource is correctly set in the Spring configuration file and NOW MY GOAL IS TO ADD SSL - Youssouf Maiga

2 Answers

9
votes

Check my answer: https://stackoverflow.com/a/51879119/173149

I don't like to pollute java options or system properties, which are useless in application containers in any case...

You can set the SSL certificate for the MySQL connection programmatically with:

jdbc:mysql://example.com:3306/MYDB?verifyServerCertificate=true&useSSL=true&requireSSL=true&clientCertificateKeyStoreUrl=file:cert/keystore.jks&clientCertificateKeyStorePassword=123456&trustCertificateKeyStoreUrl=file:cert/truststore.jks&trustCertificateKeyStorePassword=123456

It is documented:

8
votes

You need to add the "*.pem" files (cert and key) in a keystore and the CA in a "truststore".

This link explains well how to create your own keystore and truststore: http://roopindersingh.com/programming/converting-pem-certificates-and-private-keys-to-jks/

Afterwards you have to add these to the JVM parameters:

-Djavax.net.ssl.keyStore=/path/to/keystore/keystore.jks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=/path/to/keystore/truststore.jks
-Djavax.net.ssl.trustStorePassword=password