OurSQL Episode 65: Security Blanket - The Missing Link

This week we have a big announcement about Sarah, 3 hosts and an extra special guest. We go on to talk about using SSL with MySQL. Ear Candy - a gotcha when mixing GRANT and SSL requirements, where what is semantically possible does not necessarily follow logic.

News
Call for papers for Percona Live: MySQL Conference & Expo 2012 is open until Monday, December 5th. The MySQL Conference & Expo is Tuesday April 10 - Thursday, April 12, 2012 in Santa Clara, CA.

To submit a paper, first register as a speaker at http://www.percona.com/live/mysql-conference-2012/user/register and then go to My Account -> Submit Proposal.

Main content
Previous podcasts about securing MySQL
Episode 55 about Gazzang
Episode 59 - Securing MySQL part 1
Episode 60 - Securing MySQL part 2

The MySQL Manual has sections on:
Basic SSL Concepts
Using SSL for Secure Connections

Episode 49 has the ear candy with the gotcha that a CHANGE MASTER TO statement requires MASTER_SSL=1 even though in the commandline client, --ssl is not required.

Getting status with \s

GRANT syntax including all the options for the REQUIRE clause.

CHANGE MASTER TO statement syntax
MySQL 5.1 Replication Slave Options - showing most of the --master* option variables being deprecated.
MySQL 5.5 Replication Slave Options - which does not show the deprecated varables, as they are gone.

The MySQL manual has a page on how to create a certificate to use in setting up SSL.

Sheeri has PDF slides from presentation called "Connect and Replicate Securely: How to use MySQL with SSL".

Ear Candy
Webyog has an article about mixing more than one statement to grant permissions while mixing the usage of REQUIRE SSL - for example if you create a user with CREATE USER....REQUIRE SSL but then you GRANT another permission without specifying any SSL requirements, SSL is still required.

Where you can see us
Sheeri will be at LISA, the Large Installation Sysadmin Conference, from December 5-9 in Boston.

The December Seattle MySQL User Group on Monday December 5th from 7 - 9 pm where Ivan Zoratti of SkySQL will present "MySQL HA Revisited".

And a week later the same talk will be given at the December Boston MySQL User Group on Monday December 12th from 7 - 9 pm.

Sarah will be at linx.conf.au, January 16-20 in Ballarat, Victoria, Australia.

Feedback
Facebook group
e-mail: podcast at technocation.org
voicemail using phone/Skype: +1-617-674-2369
twitter: @oursqlcast
or Tweet about @oursqlcast