I am stuck getting the certificate authentication going with MySQL. Encryption is not problem, found many examples on this and things work as described. I need to add authentication using individual certificates.
CREATE USER 'user'@'some.IP.address'
REQUIRE SUBJECT 'MySQL _Server_8.0.17_Auto_Generated_Client_Certificate’
AND ISSUER ''MySQL _Server_8.0.17_Auto_Generated_CA_Certificate’;
Note that I am using the built-in default certificates to get started. I can see in mysql.user table that the users X509_issuer and x509_subject are set as per above and that ssl_type is set to “SPECIFIED”. If I set the users ssl_type to “X509” the certificates work (I can log in) but then I am not doing any individual authentication.
mysql –h’some.IP.address’ –u’user’ –p’password’ –ssl-ca=ca.pem –ssl-cert=client-cert.pem --ssl-key=client-key.pem