SSL required to secure connection to Amazon RDS?

[tim438]

Hello,

I am running cPanel / WHM on a small VPS and want to use Amazon RDS for the MySQL database on certain sites. I've been reading about setting up secure SSL connections to RDS and contacted my host for help setting it up.

A senior administrator responded and told me that it wasn't necessary to set up SSL because MySQL connections are encrypted by default. This doesn't seem to agree with what I'm reading, but since I'm nowhere near an expert with MySQL I'm looking for some advice.

Could it be correct that I don't need to set up an SSL connection to RDS to protect the data in transit?

 

[Greenhost]

in natural is not necessary, but If you need more security do it by SSl.

 

[tim438]

I know it's not necessary to make the connection, but I want the traffic between my web server and RDS instance to be encrypted. My host is telling me that all MySQL connections are encrypted and SSL isn't needed to encrypt the connection. Is that correct?

 

[concerto49]

SSL would be the way to go. It's not only encrypted but provides a trust store that is verified.

 

[tim438]

Thanks for your help everyone. Sounds like the thing to do is move forward with trying to set up the remote connection with SSL. I've been researching about how to set up the SSL connection and I'm really not sure what I need to do. I have a public key that's provided by Amazon for the RDS instance and I don't believe anything else needs to be configured on the RDS side. The only suggestion they give is optionally making SSL required for the connection.

Is there a way to configure MySQL on my VPS server (for a particular account, not for the whole server) so that it will automatically connect to the remote database using SSL? I'm hoping that the SSL connection doesn't need to be established by setting the parameters in each program that needs DB access (for example, changing the WordPress DB connection settings) as that probably wouldn't be possible to do for all the programs that will need access.

 

[tim438]

Can anyone point me in the right direction to connect some of my accounts to RDS with SSL?