Bug #57101 | Include SSL as a valid connection method | ||
---|---|---|---|
Submitted: | 29 Sep 2010 12:52 | Modified: | 10 Nov 2010 16:22 |
Reporter: | Curt VanCalster | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Workbench: Administration | Severity: | S4 (Feature request) |
Version: | 5.2 | OS: | Any |
Assigned to: | Alfredo Kojima | CPU Architecture: | Any |
Tags: | MySQL, SSL, workbench |
[29 Sep 2010 12:52]
Curt VanCalster
[29 Sep 2010 13:48]
Valeriy Kravchuk
Thank you for the feature request.
[18 Oct 2010 17:15]
Jordan Mitchell
As our servers all require SSL, this feature is essential for us. It's command-line only administration until this can be added.
[18 Oct 2010 17:35]
J Wilson
Is there any way to raise the priority of this to a bug? The old MySQL Query Browser supported a command-line specified cnf file that could be used to connect via SSL. That this ability is not included in workbench represents a loss of functionality when moving up from legacy tools and is unacceptable. Beyond this, there is a severe lack of GUI tools that are capable of using SSL alone (no pw; using ssl-ca, ssl-cert, ssl-key). The lack of this connection method in Oracle's own software encourages others to ignore it as important and inhibits system administrators ability to have complete freedom in making security/policy decisions, especially where using GUI database tools is critical.
[19 Oct 2010 17:00]
Leif Inge Sandberg
I support raising the priority on this issue. Seeing such essential features being left out from Workbench, it feels like the Query Browser was discontinued way too early.
[20 Oct 2010 11:46]
Leif Inge Sandberg
A modification of my previous statement about discontinuing the Query Browser; it is still a very useful tool. The No Install version worked on my Windows 7 PC without any adjustments. I downloaded it from here: http://dev.mysql.com/downloads/gui-tools/5.0.html
[20 Oct 2010 13:40]
Alfredo Kojima
mysql_rdbms_info.xml
Attachment: mysql_rdbms_info.xml (text/xml), 111.39 KiB.
[20 Oct 2010 13:41]
Alfredo Kojima
Options for SSL support have been added to the Advanced Options of TCP/IP connection types. You can enable SSL support in the currently released version by replacing the mysql_rdbms_info.xml file shipped with WB with the one attached to this bug report. Please report if it works or doesn't for you.
[20 Oct 2010 13:48]
Alfredo Kojima
bug #49229 marked as duplicate
[20 Oct 2010 14:19]
Curt VanCalster
I verified the instructions given and it works. I also used wireshark to verify that the connection is ssl enabled and it was. Very quick response and completion of this. Nice Job!
[20 Oct 2010 14:28]
J Wilson
attached xml file worked for me -- thanks very much!
[20 Oct 2010 14:31]
Jordan Mitchell
Tested in Windows 7 & Ubuntu Linux & working great. Thanks for the quick response!
[20 Oct 2010 14:31]
Leif Inge Sandberg
Works for me 2 :-)
[20 Oct 2010 14:34]
Chris Gross
This is great! However, please modify your attached XML file and add the SSL properties that were missing to the Standard TCP/IP over SSH as well. Currently you only added them to the Standard TCP/IP advanced options and they are missing from the "over SSH" advanced options. I did this locally and it worked for me so a simple copy and paste is all that is needed.
[20 Oct 2010 15:15]
Alfredo Kojima
mysql_rdbms_info.xml with SSL support for all connection types
Attachment: mysql_rdbms_info.xml (text/xml), 120.41 KiB.
[8 Nov 2010 20:03]
Johannes Taxacher
new options added to "advanced" tab of connection management dialog. confirmed in repository
[10 Nov 2010 16:22]
Tony Bedford
An entry has been added to the 5.2.30 changelog: If the SSL option was selected for a standard TCP/IP connection, there was no facility provided to enter the SSL certificate details.
[26 Nov 2010 15:15]
Paarde Bekje
I tried to setup this with Mysql Workbench 5.2.30, but it does not work. Doing a tcpdump on the connection, I noticed the message 'Bad handshake'. With the Toad client it works. Any clues? Thanks.