sunanda menon wrote: > > >> MySQL source provides the Certificate Authority(CA) > >> certificate, the server public key and the server private key > >> to start the MySQL server so that it allows the clients to > >> connect via SSL. > > > >Not clear to me what you mean by "MySQL source provides ..."? > >It sounds as if the CA cert and server keys are embedded in the source? > >That can't be it though. But then what does the above paragraph mean? > > It actually means the keys+certificates are embedded in the source and
If that is true, there's a sufficiently huge security hole there that we won't ship this! The SSL capability of MySQL would be useless if that were true. I suspect it is not true though ;-) > they are usually placed in mysql-test/std_data.I'm showing here the bits > of mysql-5.0.67 ,but the same is true for 5.0.77 The files you show are in the SUNWmysql5test package, which most people won't install. I don't think installing SUNWmysql5test is a requirement to being able to use ssl connections from /usr/bin/mysql, right? My guess is those files in mysql-test/std_data are for running the tests only and are thus unrelated to this feature or this case. Right? Please investigate this in detail and update the spec accordingly. -- Jyri J. Virkki - jyri.virkki at sun.com - Sun Microsystems
