Related

Product Now Available: Managed MySQL Databases Product
How to enable gzip on Digitalocean Spaces? Question Question
SSL not working on server Question Question

Question

How to secure MySQL droplet with HTTPS

Posted February 28, 2019 2.5k views
MySQLSecurityUbuntu 18.04

I have added a fresh droplet with MySQL from the one-click apps to my account. The entire setup is working fine and I can access PhpMyAdmin as well as log in through terminal to change whatever I want. I used to set up SSL on my other droplets manually, but read it can be done automatically in this article.

Quick question: can I do this automatically and if so, how? Or do I need to go through the entire process using Certbot, changing proxies etc?

Thanks!

Add a comment
PennyWise94
By:
PennyWise94
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
PennyWise94 April 5, 2019

Hi,

This works just fine and I know have a URL https://database.mywebsite.com which redirects correctly to the MySQL database login via phpmyadmin. However, I can still access the IP address of the MySQL server with regular http. (http://xxx.xx.xxx.xx/phpmyadmin) which then indicates “not secure” in my browser.

My server communicates with the MySQL database via SSL certificates so I’m confident this works correctly, however I can’t find any information on how to secure the IP address itself so accessing the root or phpmyadmin is forced over a secure connection.

Reply Report
jarland February 28, 2019

Hey friend,

I would say that certbot should do just fine for this, though I’m not certain what you are referring to with proxies. This guide should work well:

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

Jarland

How To Secure Apache with Let's Encrypt on Ubuntu 18.04
by Kathleen Juell
by Erika Heidi
Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Apache on Ubuntu 18.04 and set up your certificate to renew automatically.
Reply Report
  • waituk7 August 16, 2019

    The guide you have provided is for general droplets with nginx. This doe NOT work on droplets created as a one click mysql droplet. Following that guide results in this error:

    nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
certbot.errors.MisconfigurationError: nginx restart failed:
    Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help