Hello!
The MySQL server I'm connecting to via SSL with Connector/J is configured not to verify the certificate presented by the client. In
https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html
it says I have to have a client certificate and instructs me to create a keystore containing it. Does this apply even when the server does not verify the certificate? In other words, why do I need to create and provide the keystore file when the server is not set up to verify the client certificate? Basically, I want the client to connect to the MySQL server like a web browser typically connects to an HTTPS server: the web browser verifies the certificate presented by the server, and the web browser does not send a certificate to the server to verify. Can I do the same with a Connector/J client such that I don't have to create and provide the client certificate keystore?
Thank you!
Lewis
The MySQL server I'm connecting to via SSL with Connector/J is configured not to verify the certificate presented by the client. In
https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html
it says I have to have a client certificate and instructs me to create a keystore containing it. Does this apply even when the server does not verify the certificate? In other words, why do I need to create and provide the keystore file when the server is not set up to verify the client certificate? Basically, I want the client to connect to the MySQL server like a web browser typically connects to an HTTPS server: the web browser verifies the certificate presented by the server, and the web browser does not send a certificate to the server to verify. Can I do the same with a Connector/J client such that I don't have to create and provide the client certificate keystore?
Thank you!
Lewis