3

I have MySQL installed on a VPS, which I will use to host multiple databases for customers, who will use them from a front-end.

I have forced all communication to each database to be via SSL, and I will generate a separate set of client SSL certificates/keys for each different customer.

My question is: the MySQL server daemon uses the same SSL server certificate/key for communication with each different customer. Will each customer having a different client certificate be enough to ensure that they would not be able to eavesdrop on each other's communication to the database server?

Lewis Bassett

2 Answers

3

As I understand it, the server's SSL/TLS connection is enough to prevent eavesdropping. A client certificate does not provide additional encryption (except perhaps during the handshake); it is there to authenticate the client.

Whether you have a client cert or not, the client and the browser will communicate using the highest level of encryption that they both support. The client cert simply ensures that the client is who it says it is.

It's OK that the MySQL server uses the same TLS/SSL cert for communicating with all of the clients, because it will have a different handshake with each. Just like with a web server, you can communicate with multiple clients using the same cert.

Jason Dean

  • These are my thoughts as well. Buy a certificate that's proven to be valid with just about any client. – pauska Sep 18 '11 at 14:25
  • Thanks for the reply. I should have made clear, MySQL will be communicating with MS Access using SSL. Do I need to have a client certificate to force all communication with the server to be encrypted? – Lewis Bassett Sep 20 '11 at 06:08
  • Generally speaking, an application that is capable of SSL-enabled communications will have the ability to use its own (often on-the-fly generated) keypair if no other is provided. A certificate is just a random public key that's been stamped as valid by some third-party authority. As Jason says, SSL-enabled clients will communicate happily and securely without one; all you lose is the server's assurance that this client is pre-approved, and if the client's authenticating with user/pass under cover of SSL, this is almost redundant anyway. – MadHatter Sep 20 '11 at 06:48
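Lewis's follow-up asks how to force every connection to be encrypted, and the question itself is about giving each customer its own client certificate. The statements below are an added example (not from anyone in this thread) showing how MySQL can enforce both: `require_secure_transport` refuses plaintext connections server-wide, and a per-account `REQUIRE SUBJECT ... AND ISSUER ...` clause binds each customer account to its own certificate identity. It assumes the server already has `ssl-ca`, `ssl-cert` and `ssl-key` configured and that the client certificates were issued by that CA; the account names, the CN values and the password placeholder are hypothetical.

```sql
-- Added example, not part of the original thread. Assumes the server's
-- ssl-ca / ssl-cert / ssl-key are already configured and that each customer's
-- client certificate was issued by that CA. Account names, CN values and the
-- password placeholder below are hypothetical.

-- 1. Refuse any unencrypted connection server-wide (MySQL 5.7.8 and later).
--    Put require_secure_transport=ON in my.cnf as well so it survives a restart.
SET GLOBAL require_secure_transport = ON;

-- 2. Tie each customer account to its own client certificate.
--    REQUIRE X509 alone accepts any certificate signed by the trusted CA;
--    REQUIRE SUBJECT ... AND ISSUER ... pins the account to one certificate
--    identity, so customer_b's certificate cannot authenticate as customer_a
--    even if customer_a's password leaks.
CREATE USER 'customer_a'@'%' IDENTIFIED BY '<strong password>'
  REQUIRE SUBJECT '/CN=customer_a' AND ISSUER '/CN=Example Internal CA';
GRANT ALL ON customer_a_db.* TO 'customer_a'@'%';

CREATE USER 'customer_b'@'%' IDENTIFIED BY '<strong password>'
  REQUIRE SUBJECT '/CN=customer_b' AND ISSUER '/CN=Example Internal CA';
GRANT ALL ON customer_b_db.* TO 'customer_b'@'%';

-- 3. From a client session, confirm that TLS was actually negotiated.
--    An empty Ssl_cipher value means the connection is in the clear.
SHOW SESSION STATUS LIKE 'Ssl_cipher';
SHOW SESSION STATUS LIKE 'Ssl_version';

-- 4. Confirm what each account requires (ssl_type is SPECIFIED when a
--    SUBJECT/ISSUER/CIPHER clause is set, X509 for REQUIRE X509, ANY for REQUIRE SSL).
SELECT user, host, ssl_type, x509_subject, x509_issuer
  FROM mysql.user
 WHERE user LIKE 'customer_%';
```

The per-account clause is what actually separates customers: with only `require_secure_transport`, every connection is encrypted, but nothing stops one customer's certificate from being presented for another customer's account.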

1

Short answer: yes.

Longer answer: yes, because both client and server keypairs are involved in exchanging the nonce session keys that secure a given transaction. If client B gets hold of a complete ciphertext session between client A and the server, she could decrypt that if she had either the server's private key, or client A's private key. But client B has only her own private key and the server's public key; that won't help her decrypt client A's transactions with the server.

MadHatter

  • Lewis, you're welcome. Just in case you don't know the drill, I hope you'll forgive me for pointing out that once you're satisfied with one answer to your question, you should *accept* it by clicking on the "tick" outline you see next to it. That helps drive the SF reputation system, both for the person who wrote the answer, and for you - otherwise, we see warnings that you're a person who asks questions and doesn't accept answers. My apologies if all this is already known to you. – MadHatter Sep 20 '11 at 06:40