Oracle 5.0 Reference Manual page 2101

Keytool will prompt you for the following information, and create a keystore named
current directory.
Respond with information that is appropriate for your situation:
Enter keystore password:
What is your first and last name?
[Unknown]: Matthews
What is the name of your organizational unit?
[Unknown]: Software Development
What is the name of your organization?
[Unknown]: MySQL AB
What is the name of your City or Locality?
[Unknown]: Flossmoor
What is the name of your State or Province?
[Unknown]: IL
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=Matthews, OU=Software Development, O=MySQL AB,
L=Flossmoor, ST=IL, C=US> correct?
[no]: y
Enter key password for <mysqlClientCertificate>
(RETURN if same as keystore password):
Finally, to get JSSE to use the keystore and truststore that you have generated, you need to set the
following system properties when you start your JVM, replacing
full path to the keystore file you created,
file you created, and using the appropriate password values for each property. You can do this either
on the command line:
-Djavax.net.ssl.keyStore=path_to_keystore_file
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=path_to_truststore_file
-Djavax.net.ssl.trustStorePassword=password
Or you can set the values directly within the application:
System.setProperty("javax.net.ssl.keyStore","path_to_keystore_file");
System.setProperty("javax.net.ssl.keyStorePassword","password");
System.setProperty("javax.net.ssl.trustStore","path_to_truststore_file");
System.setProperty("javax.net.ssl.trustStorePassword","password");
You will also need to set
J, either by adding
useSSL=true
java.util.Properties
You can test that SSL is working by turning on JSSE debugging (as detailed below), and look for the
following key events:
...
*** ClientHello, v3.1
RandomCookie: GMT: 1018531834 bytes = { 199, 148, 180, 215, 74, 12, »
54, 244, 0, 168, 55, 103, 215, 64, 16, 138, 225, 190, 132, 153, 2, »
217, 219, 239, 202, 19, 121, 78 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods:
***
[write] MD5 and SHA1 hashes:
0000: 01 00 00 37 03 01 3D B6 90 FA C7 94 B4 D7 4A 0C
0010: 36 F4 00 A8 37 67 D7 40 10 8A E1 BE 84 99 02 D9
0020: DB EF CA 13 79 4E 00 00 10 00 05 00 04 00 09 00
0030: 0A 00 12 00 13 00 03 00 11 01 00
main, WRITE: SSL v3.1 Handshake, length = 59
main, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 1018577560 bytes = { 116, 50, 4, 103, 25, 100, 58, »
202, 79, 185, 178, 100, 215, 66, 254, 21, 83, 187, 190, 42, 170, 3, »
132, 110, 82, 148, 160, 92 }
Connector/J (JDBC) Reference
*********
path_to_truststore_file
to in your connection parameters for MySQL Connector/
useSSL true
to your URL, or by setting the property
instance you pass to DriverManager.getConnection().
{ 0 }
len = 59
2081
path_to_keystore_file
with the path to the truststore
to
useSSL
...7..=.......J.
6...7g.@........
....yN..........
...........
in the
keystore
with the
in the
true