Connect to SingleStore Helios using TLS/SSL
On this page
Important
The singlestore_
file, which SQL clients can use to connect to SingleStore Helios, will be updated as of October 20, 2023.
If your SQL client uses the singlestore_
file and the --ssl-mode=VERIFY_
flag to connect, and your SQL client can no longer connect to SingleStore Helios, please download and use the latest singlestore_
file.
To ensure a secure connection to SingleStore Helios, SQL clients must be properly configured to both require a secure connection and to verify the supplied server certificate.
Refer to SingleStore Helios Endpoints and Server Configuration to Require Secure Client Connections for more information.
Configure the SingleStore Helios Connection
These instructions describe how to configure the MySQL command-line client to connect to SingleStore Helios with a secure connection.
-
Download the
singlestore_
certificate file and save it to your MySQL client machine.bundle. pem -
When connecting to SingleStore Helios, be sure to include:
a.
The host shown under the Endpoint from your workspace in the Cloud Portal. b.
Port 3306
.c.
The --default-auth=mysql_
option.native_ password d.
The --ssl-ca
option, including the path to thesinglestore_
file.bundle. pem This can be done via command-line option, as in --ssl-ca=/path/singlestore_
, or by setting the appropriate option in the configuration files for the MySQL command-line client.bundle. pem Include the --ssl-mode=REQUIRED
when using older versions of the MySQL client, even when the--ssl-ca
option is specified.e.
The --ssl-mode=VERIFY_
option to verify the certificate.CA -
Test the connection to SingleStore Helios.
The MySQL client will abort with an error if a secure connection cannot be established. While this is most likely due to a misconfiguration, it can also be due to a would-be attacker manipulating the secure connection to SingleStore Helios. mysql -u admin -p -h <endpoint-host> -P 3306 \--default-auth=mysql_native_password \--ssl-ca=./singlestore_bundle.pem \--ssl-mode=VERIFY_CA -
Verify that a secure connection has been established to SingleStore Helios via the
status
command.mysql -u admin -p -h <endpoint-host> -P 3306 \--default-auth=mysql_native_password \--ssl-ca=./singlestore_bundle.pem -e 'status' \--ssl-mode=VERIFY_CAmysql Ver 14.14 Distrib 5.6.19, for osx10.9 (x86_64) using EditLine wrapper Connection id: 13 Current database: Current user: root@yyy.yyy.yyy.yyy SSL: Cipher in use is AES256-SHA Current pager: stdout Using outfile: '' Using delimiter: ; Server version: 5.5.8 MemSQL source distribution (compatible; MySQL Enterprise & MySQL Commercial) Protocol version: 10 Connection: xxx.xxx.xxx.xxx via TCP/IP Server characterset: utf8 Db characterset: utf8 Client characterset: utf8 Conn. characterset: utf8 TCP port: 3306
Last modified: April 24, 2024