Encrypted all mysql connnection

Is there any simple / step-by-step guilde to ensure all mysql connections are encrypted ?

Do we need to modify any program to connect to Mysql database ? Any potential impact / distrub to our operation ?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Manfred BertlManagerCommented:
For securing connections to my SQL-Servers i use OpenVPN as VPN tunnel between server and client. Basically it secures the data which is transfered between clients interface to the servers VPN interface. Not covered by this is the transfer between your application to the tunnel interface, and on the other side, transfer from the VPN interface to the SQL-Servers interface.

So, for a complete secure transfer you would have to make sure, nobody can read your data from typing data into your application until the actual transfer from your input mask to the secure line. Also on the other side, from coming out of the VPN tunnel, you would have to secure the transfer to the SQL-Server by some other method. Any MITM would be able to read the datastream, except for the transfer within the VPN line.

For my purposes, securing via VPN (or like in your case SSH), the data is secure enough. Securing your LAN against any other attacks, like a MITM, is a task for itself.
AXISHKAuthor Commented:
client machine ------------> front-end server  -------------------------------------------------------> mysql server  
                            (ssh)                                        ssh -fNg -L 3306:localhost:3306 admin@mysqlserver

for my current setup, is it similar to a vpn connection between front-end server and myserver server ? Is there any unsecure part for my current setup ?

Again, do I need to setup TLS /SSL connection to mysql server ? Any reference for the setup ?

Tks again.
Manfred BertlManagerCommented:
For using MySQL with SSL, you might be interested in this document: https://dev.mysql.com/doc/refman/5.1/en/building-with-ssl-support.html
It is vor version 5.1, but should be the same for the other versions. For setting up the server and configure the correct options, MySQL Workbench might help.
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

AXISHKAuthor Commented:

For my current connection bewteen front-end and mysql, does all the data been encrypted ?
Manfred BertlManagerCommented:
As your figure shows, it seems you have a client connection to a front-end-server. What type of server is that? a webpage with php? or a mounted shared filesystem?
AXISHKAuthor Commented:
Clients  (not public users) connect to the front-end (web server) through sftp to upload their program on html /php into it.

They can ssh to the web server where they can connect to the MySQL (using ssh port forwarding 3306) to access the mysql from there.

Does all the connection been encrypted.
Manfred BertlManagerCommented:
IMHO, yes. This is true, when not addressing security issues that sftp, html/php or ssh might have. 'Securing' the user might be the tricky part =)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AXISHKAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
MySQL Server

From novice to tech pro — start learning today.