I am trying to make a secure SSL connection to my Amazon Web Service RDS instsance.
A user 'ericencrypt' has been created with privileges as follows:
CREATE USER 'ericencrypt'@'%' identified by 'xxxxxx';
GRANT SELECT ON table1.* TO 'ericencrypt'@'%' REQUIRE SSL;
MySQL Workbench - Success
I am able to connect to my this using the MySQL Workbench specifying the SSL CA File as the rds-combined-ca-bundle.pem downloaded from the Amazon here http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.SSLSupport
Python - Success
I am also able to make an SSL connection on python using the same SSL CA combined bundle pem file.
C++ - Failed
The problem is when I try to run this code in my C++ project I get a 'Access denied for user 'ericencrypt'@'12.159.10.49' (using password: YES)' error
MYSQL *conn;
char *server = "pkcloudwest.xxxxxxxxx.us-west-1.rds.amazonaws.com";
char *user = "ericnotencrypt";
char *password = "xxxxxx";
char *database = "table1";
int port = 0;
conn = mysql_init(NULL);
mysql_ssl_set(conn, NULL, NULL, "rds-combined-ca-bundle.pem", NULL, NULL )
if( !mysql_real_connect(conn, server, user, password, database, port, NULL, 0) )
qDebug() << "could not connect: " << mysql_error(conn);
Documentation for mysql_ssl_set: https://dev.mysql.com/doc/refman/5.5/en/mysql-ssl-set.html says that calling mysql_ssl_set will set the CLIENT_SSL flag for mysql_real_connect
I also created another user that does not REQUIRE SSL and was able to connect to it
CREATE USER 'ericnotencrypt'@'%' identified by 'xxxxx';
GRANT SELECT ON table1.* TO 'ericnotencrypt'@'%';
MYSQL *conn;
char *server = "pkcloudwest.xxxxxxxxx.us-west-1.rds.amazonaws.com";
char *user = "ericencrypt";
char *password = "xxxxxx";
char *database = "table1";
int port = 0;
conn = mysql_init(NULL);
//mysql_ssl_set(conn, NULL, NULL, "rds-combined-ca-bundle.pem", NULL, NULL )
if( !mysql_real_connect(conn, server, user, password, database, port, NULL, 0) )
qDebug() << "could not connect: " << mysql_error(conn);