Hi JC I know you said stunnel is not an option but how about SSLwrap? http://www.quiltaholic.com/rickk/sslwrap/
james At 18:49 19/02/2002 -0800, JC wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Hi All, > >Need: >Communicate securely using PKI from a DBI perl script to MySQL where >dozens of clients connect from multiple sites around the country >(stunnel is not an option :( > >If I issue a grant command like such >GRANT ALL PRIVILEGES ON test.* TO >[EMAIL PROTECTED] >IDENTIFIED BY "goodsecret" >REQUIRE SUBJECT "C=EE, ST=Some-State, L=Tallinn, >O=MySQL demo client certificate, CN=Tonu [EMAIL PROTECTED]" >AND ISSUER "C=FI, ST=Some-State, L=Helsinki, >O=MySQL Finland AB, CN=Tonu [EMAIL PROTECTED]" >AND CIPHER "EDH-RSA-DES-CBC3-SHA" > >I am assuming that in order to make something like this work that you >would also need to present your client certificate then the mysqld >would check the issuer and the cn for the client, but reading through >the documentation, and the change log for DBD:MYSQL I don't see >anything that would allow me to specify the client certificate. >Searching through google I did find >http:[EMAIL PROTECTED]/msg00050.html >which specs that you are supposed to use mysql_ssl=1 in the DSN but >that only gets me half way there. I was wondering if any of you guys >out there have found a way around this tid bit of a problem. > > >Background: >I have version 4.01 running on a Linux 7.1 machine the environment >variables for SSL show up. > > >Thanks in Advance, > >JC > >-----BEGIN PGP SIGNATURE----- >Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> > >iQA/AwUBPHMOqnX+hJvt5DtWEQIFFgCfQDNuz4buG7JQp1iDVkGIzZIfAM0AnivJ >t1do+xjkRMJiJVzoQl8PeBxC >=P9HK >-----END PGP SIGNATURE----- > > >--------------------------------------------------------------------- >Before posting, please check: > http://www.mysql.com/manual.php (the manual) > http://lists.mysql.com/ (the list archive) > >To request this thread, e-mail <[EMAIL PROTECTED]> >To unsubscribe, e-mail ><[EMAIL PROTECTED]> >Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php James Carrier Bullet Online :: Aim Higher [http://www.bulletonline.com] 41b Beavor Lane, London W6 9BL Tel +44 (0) 20 8834 3442 Fax +44 (0) 20 8741 2790 --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
