I have recently gotten an SSL certificate for my website and have successfully implemented it. The certificate shows up when I go to my website and now I have been trying to set up MySQL within the same server. I know this isn’t the most efficient way but the project I am doing this for is very small scale. I changed the mysql.conf file to bind to 0.0.0.0. I try to login where host is my IP address but it will not allow me. The response is

ERROR 1130 (HY000): Host ‘XXX.XXX.XXX.XXX’ is not allowed to connect to this MySQL server

I went to mysql to check ssl status and I get this

+—————+—————–+
| Variablename | Value |
+—————+—————–+
| have
openssl | YES |
| havessl | YES |
| ssl
ca | ca.pem |
| sslcapath | |
| ssl
cert | server-cert.pem |
| sslcipher | |
| ssl
crl | |
| sslcrlpath | |
| ssl
key | server-key.pem |

But when I do \s I get “SSL: Not in use”

I’m not sure why it is saying SSL is not in use but I think that is why my secure IP address will not allow access to mysql. Does anyone know how to fix this or what else might be the problem?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi! That particular error message from mysql doesn’t actually apply to the SSL configuration. If you’re trying to login as the root user then that user is most likely limited to “localhost” connections, eg, from the same server.

If you want to create a user or add mysql privileges to a user, here’s a tutorial on how to do that:
https://www.digitalocean.com/community/tutorials/how-to-create-a-new-user-and-grant-permissions-in-mysql

The “@localhost” part of that tutorial is where you would need to put your IP address to allow yourself to connect to the mysql user.

However, I do not recommend this - instead, you can create an SSH tunnel then connect to mysql as if you were on the server itself.

Here’s one DO tutorial using an SSH tunnel and mysql workbench:
https://www.digitalocean.com/community/tutorials/how-to-connect-to-a-mysql-server-remotely-with-mysql-workbench

There are many options for command line or gui access via the SSH tunnel method.

I would also recommend changing your mysql server to bind to localhost instead of 0.0.0.0 as it will be more secure and will work well with the SSH tunneling method.

Hope this helps, let us know if you have any questions

by Etel Sverdlov
MySQL is a powerful database management system used for organizing and retrieving data. This tutorial explains how to to create new MySQL users and how to grant them the appropriate permissions.
Submit an Answer