Server Configuration to Require Secure Client Connections
To make the server restrict access to clients over SSL only, add the
REQUIRE SSL clause to the user’s
GRANT statement, for example:
GRANT all ON *.* TO 'user'@'%' REQUIRE SSL;
For example, if
REQUIRE SSL is specified for the user
## This connection attempt is rejected with an "Access denied" error:mysql -u user -h 220.127.116.11
## This one works:mysql -u user -h 18.104.22.168 --ssl-ca=ca-cert.pem
Unless the client is configured properly, the client may or may not use SSL to connect to SingleStoreDB even if SSL is enabled on the SingleStoreDB cluster.
REQUIRE SSL helps protect against misconfigured clients by preventing them from connecting over an insecure plaintext connection.
Last modified: April 26, 2023