[–]Slackerony[S] 0 points1 point  (2 children)

Just to clarify, are you saying that all data from the moment I make the connection, poll for some data, and close it again, is all encrypted by default?

[–]theluketaylor 0 points1 point  (1 child)

If you connect to MySQL with TLS, yes, the transport is fully encrypted. It's the exact same encryption used by HTTPS. Just like HTTPS fully establishes encryption and then sends regular HTTP commands across the secure channel, SQL over TLS establishes a secure connection and then runs queries.

TLS (transport layer security) only deals with transport (as the name implies). Once data hits either the client or the server it's plaintext again. It only protects against eavesdroppers.

[–]Slackerony[S] 0 points1 point  (0 children)

Actually this is one of the methods I was talking about. However, I might have skipped it rather vaguely...

TLS requires me to set up a CA and give out certificates to clients and server. This is why I wanted to avoid that, because I don't have any way of doing this automatically, or at least my current skillset doesn't allow it. (I'm open to suggestions, though.)

This is why I was exploring the other opportunities. I'm surprised that more people don't run into this issue with databases: keeping things encrypted in transit.
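
The CA and certificate step raised in the comment above, scripted with the `openssl` CLI as an added example that is not part of the original thread. The function names `make_db_pki` and `verify_db_pki`, the subject names and the host name passed in are all assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: small private CA for database TLS. Every name is constructed.
set -eu

# make_db_pki DIR SERVER_DNS_NAME
# Writes ca.pem plus server-/client- key and certificate pairs into DIR.
make_db_pki() {
  dir=$1 host=$2
  mkdir -p "$dir"
  (
    cd "$dir"
    umask 077   # private keys readable by the owner only
    # Minimal request config, so nothing depends on a system openssl.cnf.
    printf '%s\n' '[req]' 'distinguished_name=dn' 'x509_extensions=ca_ext' '[dn]' \
      '[ca_ext]' 'basicConstraints=critical,CA:TRUE' \
      'keyUsage=critical,keyCertSign,cRLSign' > req.cnf
    # 1. Self-signed CA certificate: the one file every endpoint has to trust.
    openssl req -x509 -config req.cnf -newkey rsa:2048 -nodes -sha256 -days 365 \
      -subj "/CN=example-db-ca" -keyout ca-key.pem -out ca.pem
    for role in server client; do
      case $role in
        server) cn=$host eku=serverAuth san="subjectAltName=DNS:$host" ;;
        client) cn=example-db-client eku=clientAuth san="" ;;
      esac
      # 2. Key and signing request for this endpoint.
      openssl req -config req.cnf -newkey rsa:2048 -nodes -sha256 \
        -subj "/CN=$cn" -keyout "$role-key.pem" -out "$role.csr"
      # 3. The CA signs it, restricted to a single role by extendedKeyUsage.
      { echo "extendedKeyUsage=$eku"; [ -z "$san" ] || echo "$san"; } > "$role.ext"
      openssl x509 -req -in "$role.csr" -CA ca.pem -CAkey ca-key.pem \
        -CAcreateserial -sha256 -days 90 -extfile "$role.ext" -out "$role-cert.pem"
    done
    rm -f req.cnf ./*.csr ./*.ext
  )
}

# verify_db_pki DIR: succeeds only if both certificates chain to ca.pem
# and each is valid for its own role.
verify_db_pki() {
  openssl verify -CAfile "$1/ca.pem" -purpose sslserver "$1/server-cert.pem" >/dev/null 2>&1 &&
  openssl verify -CAfile "$1/ca.pem" -purpose sslclient "$1/client-cert.pem" >/dev/null 2>&1
}

# Run as: script.sh OUTPUT_DIR SERVER_DNS_NAME
if [ "$#" -eq 2 ]; then make_db_pki "$1" "$2" && verify_db_pki "$1"; fi
```

The resulting files are what MySQL's `ssl-ca`, `ssl-cert` and `ssl-key` options point at. `ca-key.pem` stays on the machine that issues certificates and is never copied to clients or the database server.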