Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ClientConfig ¶
func ClientConfig(mode SslMode, cert, key, ca, crl, name string, minTLSVersion uint16) (*tls.Config, error)
ClientConfig returns the TLS config to use for a client to connect to a server with the provided parameters.
func ServerConfig ¶
ServerConfig returns the TLS config to use for a server to accept client connections.
func TLSVersionToNumber ¶ added in v0.12.0
TLSVersionToNumber converts a text description of the TLS protocol to the internal Go number representation.
Types ¶
type SslMode ¶ added in v0.12.0
type SslMode string
SslMode indicates the type of SSL mode to use. This matches the MySQL SSL modes as mentioned at: https://dev.mysql.com/doc/refman/8.0/en/connection-options.html#option_general_ssl-mode
const Disabled SslMode = "disabled"
Disabled disables SSL and connects over plain text
const Preferred SslMode = "preferred"
Preferred establishes an SSL connection if the server supports it. It does not validate the certificate provided by the server.
const Required SslMode = "required"
Required requires an SSL connection to the server. It does not validate the certificate provided by the server.
const VerifyCA SslMode = "verify_ca"
VerifyCA requires an SSL connection to the server. It validates the CA against the configured CA certificate(s).
const VerifyIdentity SslMode = "verify_identity"
VerifyIdentity requires an SSL connection to the server. It validates the CA against the configured CA certificate(s) and also validates the certificate based on the hostname. This is the setting you want when you want to connect safely to a MySQL server and want to be protected against man-in-the-middle attacks.