This involves specifying a server certificate, client certificate, and
client key when connecting.
Django already supports this configuration, it looks like this:
{{{
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'HOST': db_host,
'NAME': 'test',
'USER': 'root',
'PASSWORD': 'root',
'OPTIONS': {
'ssl': {
'ca': 'server-ca.pem',
'cert': 'client-cert.pem',
'key': 'client-key.pem',
}
},
},
}
}}}
However the dbshell command does not support the client cert params
('cert' and 'key'), though it is aware of the server cert param 'ca'.
Should be a trivial fix to add in support for the other 'ssl' parameters
required here, I'll take a look.
--
Ticket URL: <https://code.djangoproject.com/ticket/28322>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* type: Uncategorized => Cleanup/optimization
* stage: Unreviewed => Accepted
* component: Database layer (models, ORM) => Core (Management commands)
--
Ticket URL: <https://code.djangoproject.com/ticket/28322#comment:1>
* has_patch: 0 => 1
Comment:
Pull request here: https://github.com/django/django/pull/8657
(Needs CLA, I'm currently running that by legal).
This is my first contribution to Django so please nitpick if I've done
something slightly wrong ;)
--
Ticket URL: <https://code.djangoproject.com/ticket/28322#comment:2>
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"335a8d7895a0d73df3d41fac750ff8f412a989b2" 335a8d78]:
{{{
#!CommitTicketReference repository=""
revision="335a8d7895a0d73df3d41fac750ff8f412a989b2"
Fixed #28322 -- Added dbshell support for MySQL client TLS certs.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/28322#comment:3>