Question

How to secure MySQL droplet with HTTPS

Posted February 28, 2019 1.6k views
MySQLSecurityUbuntu 18.04

I have added a fresh droplet with MySQL from the one-click apps to my account. The entire setup is working fine and I can access PhpMyAdmin as well as log in through terminal to change whatever I want. I used to set up SSL on my other droplets manually, but read it can be done automatically in this article.

Quick question: can I do this automatically and if so, how? Or do I need to go through the entire process using Certbot, changing proxies etc?

Thanks!

Add a comment
PennyWise94
By:
PennyWise94
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
PennyWise94 April 5, 2019

Hi,

This works just fine and I know have a URL https://database.mywebsite.com which redirects correctly to the MySQL database login via phpmyadmin. However, I can still access the IP address of the MySQL server with regular http. (http://xxx.xx.xxx.xx/phpmyadmin) which then indicates “not secure” in my browser.

My server communicates with the MySQL database via SSL certificates so I’m confident this works correctly, however I can’t find any information on how to secure the IP address itself so accessing the root or phpmyadmin is forced over a secure connection.

Reply Report
jarland February 28, 2019

Hey friend,

I would say that certbot should do just fine for this, though I’m not certain what you are referring to with proxies. This guide should work well:

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

Jarland

How To Secure Apache with Let's Encrypt on Ubuntu 18.04
by Kathleen Juell
by Erika Heidi
Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Apache on Ubuntu 18.04 and set up your certificate to renew automatically.
Reply Report
  • waituk7 August 16, 2019

    The guide you have provided is for general droplets with nginx. This doe NOT work on droplets created as a one click mysql droplet. Following that guide results in this error:

    nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
certbot.errors.MisconfigurationError: nginx restart failed:
    Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help