Using SSL with MySQL

If you ever make remote connections to a MySQL database, it’s extremely important to connect over SSL. Otherwise, you run the risk of someone seeing data in transit, modifying data in transit, or, worst of all, stealing your credentials. This could be an utter disaster.

Unfortunately, getting MySQL to use SSL is kind of complicated. Here’s how to do it.

Make Sure SSL is Enabled

First, make sure your installation of MySQL supports SSL. Using PHPMyAdmin, a MySQL command-line prompt, or whatever you prefer, run this command:

You should get a result looking something like this:

If you see “DISABLED” next to “have_openssl” and “have_ssl”, great – that means that your copy of MySQL supports SSL. If you see “NO”, you need to recompile or reinstall MySQL. If you see “YES”, you’re already done!

Create SSL Certificates

Now, you need to create some SSL certificates. Go to wherever you want to store them (I’d suggest something like /home/mysql/certs) and run the following commands:

Enter information as needed at the prompts. This will create self-signed client and server keys for you to use. The last two lines are very important! OpenSSL versions 1.0 and newer create keys in the PKCS #8 format, but MySQL expects them to be in the PKCS #1 format, so you have to run these commands to convert the keys we just created. You can read more about that problem in this Ask Ubuntu question: Enabling SSL in MySQL.

Tell MySQL to Use the Certificates

Edit your my.cnf file (probably at /etc/my.cnf) to include the following entries:

(If you used a directory other than /home/mysql/certs above, use it in the entries here.) If your my.cnf file already has mysqld and/or client sections, just add the appropriate entries to those sections.

Restart MySQL. The command varies by system, but will usually be something like service mysql restart.

Test It

Run this command again:

You should see something like this:

If so, congratulations! You’re done! If not, you might find the post Debugging MySQL SSL Problems on the Percona blog helpful.

Have you had problems with MySQL over SSL? Let me know in the comments! I’ll try to help you out!

Stack Overflow Moderator Elections, Part III

As I posted here and again here, I stood for election as a moderator on Stack Overflow this year. While I was not elected, I made it much further than I expected and finished in sixth place out of 32 nominees, 30 primary candidates, and 10 general-election candidates.

Stack Overflow is an amazing site, and the moderators have a tremendous responsibility. The candidates elected are all excellent choices who I know are already making the site even better. That said, I greatly appreciate the thousands of people who cast a vote for me, and I am deeply humbled that so many people thought of me as a good choice for the role. Thank you.

Stack Overflow Moderator Elections, Part II

In case you missed my first post on this topic, I am a candidate in the 2015 Stack Overflow moderator elections. I made it through the nomination phase (32 candidates) and primary (30 candidates), and now I’m in the general election with only 10 candidates for 3 spots remaining! I am extremely honored and humbled to have received so many votes in the primary phase, especially with so many amazing candidates. Thank you to all who supported me!

I would really appreciate your vote in the general election! I would also urge you to vote for Martijn Pieters and meager, though I don’t think you can go wrong with anyone in this amazing group.

Larry Niven Programming Quote

Please remember to read all of the remaining candidates’ nomination comments and candidate questionnaire answers.

StackOverflow moderator elections

I’m standing for election as a moderator on StackOverflow. There are many worthy candidates, but I would appreciate your vote, if you’re a member!

4 Lessons from Moving

Well, it has been about a month since we moved, so it’s time for me to share a few thoughts about it.

You Need Professionals. Moving is a huge pain. So are the processes of selling and buying houses. You know that. I know that. But there are people out there who refuse to let it get them down. We worked with some amazing people. Our real estate agent and mortgage broker made an awesome team and headed off a potential disaster when one of the other parties involved ran into problems. Our movers were similarly, awesomely efficient and professional. If you are looking to move in the Houston, Texas area, give me a shout; I would love to recommend them to you.

Keys Were Everywhere. One of the biggest surprises for me was just how many unidentified keys we had floating around. When I was a little kid, I thought old keys were awesome. Now, they are just unrecognized but potentially important clutter, the worst kind of tchotchke. My solution: henceforth, every key we own gets cataloged in Evernote, with a photo, a description of what it does, and, if we have multiple copies, both the number of copies and where they are stored.

Paper Was Everywhere. We also have a veritable sea of paper floating around. The solution to this is easy: go paperless. The best way to do this, hands down, is the Fujitsu ScanSnap iX500 Deluxe Bundle Scanner for PC. It includes the Fujitsu ScanSnap iX500 scanner, which is incredibly fast, accurate, flexible, and user-friendly, as well as a full copy of Adobe Acrobat (Standard). It has already helped us digitize a tremendous amount of paper, with more to follow. Of course, Evernote is indispensable for this task, too.

You Need a Budget. Finally, of course, You Need a Budget (affectionately known as YNAB), about which I’ve written before, was also indispensable for the budgeting and money-management side of things.

Disclaimer: the Evernote, YNAB, and Amazon links in this post are affiliate links. I may receive site credits or a portion of the sale for purchases and registrations made through those links.

Userscript for WebdesignerDepot.com Tweet Round-Ups

If you are at all into web design, you likely read WebDesignerDepot.com’s weekly post on their favorite tweets of the week. If not, you should.

If you do read that post, you will notice that only the fancy shortened-URL links are clickable; the images aren’t clickable. This was driving me a little crazy, so I spent about two minutes writing a userscript to make the images clickable.

If you aren’t familiar with userscripts, they are little bits of JavaScript that run in your browser. You need the GreaseMonkey extension for Firefox or the TamperMonkey extension for Chrome to run them. They can add a lot to your web browsing experience.

Here’s the script. You can install it by clicking here.

Free Website Security Certificates (a/k/a Free SSL Certificates)

If you have a website, you almost certainly need to secure it. Even for a simple WordPress blog like this one, security is a real problem; sites get hacked all the time, and even a site like this one can draw hundreds or thousands of hack attempts per day. Sometimes, it’s because hackers discover a new vulnerability. Usually, it’s an old one that just hasn’t been patched yet. But there’s more: hackers can steal your login info and take over your site just by monitoring your traffic over a wireless network, like in a typical coffee shop or airport.

The solution for this is to get a security certificate (commonly, but no longer correctly, known as an SSL certificate). Typically, these cost $100/year or more, depending on what you need. But there’s good news.

The free option for today is StartSSL.com, which will give you a very basic certificate for free. It still requires some technical know-how, but not much; whoever handles your website maintenance now should be able to handle it pretty easily.

It’s about to get a lot easier. In mid-2015, Let’s Encrypt is launching. Let’s Encrypt is a project of the Internet Security Research Group, which consists of some real heavy-hitters in the tech world: Mozilla, Akamai, Cisco, the EFF, and IdenTrust. It will allow you do secure a website with, basically, one click. For free.

So, cost is no longer a barrier to securing your website. Go do it!

How to Make Pretty Blanks in Word

The Problem

If you ever work with Microsoft Word, you have probably needed to insert a blank line or a block of text in a filled-in blank. For example, maybe you want a blank like this:         . Or maybe you want a blank with text in it,      like this     . If you just try turning on underlining and typing a lot of spaces, you don’t get any underlining at all. There’s a right way to work around this that always works, and a wrong way that often results in unprofessional-looking documents. This post will show you the right way.

What many people do is the wrong way around this: they use a combination of underlining and underscore characters, so they end up with something ugly ____like this____, or even worse, ____like this____. The broken line looks unprofessional. The doubling up is just awful.

The Solution

To insert pretty blanks in Word, you can insert a non-breaking space. In Windows, you can do this by pressing Ctrl + Shift + space. For Mac, use Option + space.

An Example

Say you want to type this:   Hello  . The exact key sequence (in Windows) would go like this: Ctrl + U (to start underlining), Ctrl + Shift + spaceCtrl + Shift + space, H, e, l, l, oCtrl + Shift + spaceCtrl + Shift + spaceCtrl + U.

More Uses

 

This is also very valuable for preventing awkward line breaks. For example, in legal writing, you usually want to keep the section symbol (§) with the following text, so you can put a non-breaking space between the symbol and the next character.

Ch-Ch-Changes

As many of my readers know, I have a lot going on right now. We’re expecting our first child, Catherine, in May!

Face 2 Color - fixed

Profile - fixed

Meanwhile, my wife and I are selling our current house in Houston later this week and moving to a Houston suburb (more house, less money, good times). Things are a little busy.

That said, I am going to try to post here a lot more frequently. After all, I started this blog almost 14 years ago, back when “blog” was barely a word, and not one I’d ever heard before. Feel free to hold my feet to the fire! I really want to make more use of this space.

Want to follow what’s going on here? Subscribe by filling in the box on the left, and I’ll keep you posted!

Cereblitz Cart is Coming: A Shopping Cart for Customizable Products

I am very excited to announce the formation of Cereblitz LLC and, with it, the upcoming launch of Cereblitz Cart!

Cereblitz makes the first fully-customizable cart for customizable products

Cereblitz Cart is the First Cart Available to the Public that Supports Truly Customizable Products

Cereblitz Cart is a completely new take on the traditional ecommerce model: you can sell absolutely anything with it.

Traditional carts limit you to items with a few choices – maybe a few colors or sizes – and are basically one-size-fits-all. If that doesn’t actually fit your needs because your products are complex, tough luck.

Cereblitz Cart is different. It is a completely customizable shopping cart, and it supports completely customizable products. With it, you can sell anything, no matter how complex. Need to allow customization, like a custom image or imprint? No problem. Option A is incompatible with Option Q? No problem. Need to allow more than one way to customize the product, price customized products differently, give all the many possibilities their own product codes, and do it all instantly and online? No problem.

Cereblitz Cart is All-Purpose

Obviously, many stores sell customizable products. There are lots of imprintable t-shirt stores, print-your-own-card stores, and so on. Here’s the catch: those are all one-off solutions. They are typically developed in-house, often at a cost of hundreds of thousands of dollars, and completely out of reach for small business.

Cereblitz Cart is different. It can handle everything from mom-and-pops to selling a passenger aircraft, and from selling stock items off the shelf to custom web design packages. Really, the only limit to what you can sell on this platform is your own imagination.

And. It’s. Awesome.

We’ve worked hard on this. In fact, creating Cereblitz Cart cost at least $200,000 worth of developer time.

Before working on this software, I’d spent 15 years developing solutions for customers who have unique products: customizable products with countless variations, special limitations, multiple pricing schemes with discounts and add-on fees, and so on. I’ve even owned and run a business that specialized in selling such products. This cart reflects all of that knowledge from the trenches. And we’re committed to making it better all the time.

The result is, frankly, an awesome product that supports:

  • Unlimited products
  • Unlimited customization
  • Special fees and discounts by product, product group, customization, customer, and more
  • Gift cards
  • Easy-to-use themes – use a pre-packaged one or roll your own!
  • An easy-to-use plugin system
  • Internationalization – support as many languages as you like, and handle different date and currency formats automatically!
  • Flexible sales/use/VAT taxes – collect whatever you have to collect, however you need to do it!
  • Built-in split testing (a/k/a A/B or multivariate testing)
  • Lightning-fast load times (most requests load in 1/20 of a second on a very basic server)
  • Secure transactions – security has been a priority from day one
  • Unlimited flexibility
  • And, most importantly, it supports your business, whatever that may be.

You are going to be able to license all of that for pennies on the dollar.

Interested?

Now, it’s not quite ready. Some lucky customers are using it in a private beta, so we can make sure it’s 100% ready to knock your socks off in the next few weeks.

But, if you sign up for our mailing list now, you will be eligible for an exclusive discount when we go live. (We won’t spam you, I promise.)

So, go check out cereblitz.com and get ready for the revolution in flexible ecommerce software that meets your business’s needs!