Why is using SSL a must for production database connection?

What is SSL?

SSL stands for Secure Sockets Layer, the standard security protocol developed by Netscape many years ago to transmit data securely over the Internet. It works by using a private key to encrypt data over the SSL connection.

Why should you always use SSL for your production data communication?

In database production, it’s necessary to use SSL as your data is the most important asset to protect, given the highest rank that hackers have placed it on. Enabling SSL encryption increases the security of data transmitted across networks between instances of Database Server and Client.

Unless the database server and the client are communicating over a local network, there is always a possibility that the connection between these two might be eavesdropped. If someone is trying to perform the attack the connection by sniffing packets on the network between the Database Server and the Application, using SSL will help you with two functions:

To prevent the data from being seen/altered by the attacker listening on the network.
To ensure that the client is connecting to the authentic server, and not a man-in-the-middle.

Note that if the attacker is sniffing packets from the database server or the client, it’s likely that he already had the root access there, so using SSL will make no difference in this case.  

Steal

How to set up and use SSL?

Usually, the detailed process will be somewhat like this:

Generate a openssl private/public key pair for the Server
Generate the Certificate Signing Request (CSR) for the public key of the server
Sign the CSR on a Certificate Authority
Configure the server to use the certificate and the private key
Configure secure connections for remote clients

How SSL works

First we will have to find the appropriate database server adjustment, required for SSL-enabling, and certificates generation. Then, we’ll create and configure certs for client and, lastly, will establish secure connection to our server via the client.

When you have your SSL-enabled database server ready, it’s quite easy to connect using TablePlus with SSL connection support. You can be able to upload the private key file, SSL Certification file or CA SSL Certification file while configuring the connection.

Create a new connection in TablePlus

TablePlus is a modern, native tool with an elegant UI that allows you to simultaneously manage multiple databases such as MySQL, PostgreSQL, SQLite, Microsoft SQL Server and more. 