In case you haven’t heard, I am now a proud daddy! Our adorable little girl, Catherine Jane Cottrell, arrived last month. Mom and baby are both doing well.
If you ever make remote connections to a MySQL database, it’s extremely important to connect over SSL. Otherwise, you run the risk of someone seeing data in transit, modifying data in transit, or, worst of all, stealing your credentials. This could be an utter disaster.
Unfortunately, getting MySQL to use SSL is kind of complicated. Here’s how to do it.
Make Sure SSL is Enabled
First, make sure your installation of MySQL supports SSL. Using PHPMyAdmin, a MySQL command-line prompt, or whatever you prefer, run this command:
You should get a result looking something like this:
If you see “DISABLED” next to “have_openssl” and “have_ssl”, great – that means that your copy of MySQL supports SSL. If you see “NO”, you need to recompile or reinstall MySQL. If you see “YES”, you’re already done!
Create SSL Certificates
Now, you need to create some SSL certificates. Go to wherever you want to store them (I’d suggest something like
/home/mysql/certs) and run the following commands:
Enter information as needed at the prompts. This will create self-signed client and server keys for you to use. The last two lines are very important! OpenSSL versions 1.0 and newer create keys in the PKCS #8 format, but MySQL expects them to be in the PKCS #1 format, so you have to run these commands to convert the keys we just created. You can read more about that problem in this Ask Ubuntu question: Enabling SSL in MySQL.
Tell MySQL to Use the Certificates
Edit your my.cnf file (probably at /etc/my.cnf) to include the following entries:
(If you used a directory other than
/home/mysql/certs above, use it in the entries here.) If your my.cnf file already has
client sections, just add the appropriate entries to those sections.
Restart MySQL. The command varies by system, but will usually be something like
service mysql restart.
Run this command again:
You should see something like this:
If so, congratulations! You’re done! If not, you might find the post Debugging MySQL SSL Problems on the Percona blog helpful.
Have you had problems with MySQL over SSL? Let me know in the comments! I’ll try to help you out!
As I posted here and again here, I stood for election as a moderator on Stack Overflow this year. While I was not elected, I made it much further than I expected and finished in sixth place out of 32 nominees, 30 primary candidates, and 10 general-election candidates.
Stack Overflow is an amazing site, and the moderators have a tremendous responsibility. The candidates elected are all excellent choices who I know are already making the site even better. That said, I greatly appreciate the thousands of people who cast a vote for me, and I am deeply humbled that so many people thought of me as a good choice for the role. Thank you.
In case you missed my first post on this topic, I am a candidate in the 2015 Stack Overflow moderator elections. I made it through the nomination phase (32 candidates) and primary (30 candidates), and now I’m in the general election with only 10 candidates for 3 spots remaining! I am extremely honored and humbled to have received so many votes in the primary phase, especially with so many amazing candidates. Thank you to all who supported me!
Well, it has been about a month since we moved, so it’s time for me to share a few thoughts about it.
You Need Professionals. Moving is a huge pain. So are the processes of selling and buying houses. You know that. I know that. But there are people out there who refuse to let it get them down. We worked with some amazing people. Our real estate agent and mortgage broker made an awesome team and headed off a potential disaster when one of the other parties involved ran into problems. Our movers were similarly, awesomely efficient and professional. If you are looking to move in the Houston, Texas area, give me a shout; I would love to recommend them to you.
Keys Were Everywhere. One of the biggest surprises for me was just how many unidentified keys we had floating around. When I was a little kid, I thought old keys were awesome. Now, they are just unrecognized but potentially important clutter, the worst kind of tchotchke. My solution: henceforth, every key we own gets cataloged in Evernote, with a photo, a description of what it does, and, if we have multiple copies, both the number of copies and where they are stored.
Paper Was Everywhere. We also have a veritable sea of paper floating around. The solution to this is easy: go paperless. The best way to do this, hands down, is the Fujitsu ScanSnap iX500 Deluxe Bundle Scanner for PC. It includes the Fujitsu ScanSnap iX500 scanner, which is incredibly fast, accurate, flexible, and user-friendly, as well as a full copy of Adobe Acrobat (Standard). It has already helped us digitize a tremendous amount of paper, with more to follow. Of course, Evernote is indispensable for this task, too.
Disclaimer: the Evernote, YNAB, and Amazon links in this post are affiliate links. I may receive site credits or a portion of the sale for purchases and registrations made through those links.
If you are at all into web design, you likely read WebDesignerDepot.com’s weekly post on their favorite tweets of the week. If not, you should.
If you do read that post, you will notice that only the fancy shortened-URL links are clickable; the images aren’t clickable. This was driving me a little crazy, so I spent about two minutes writing a userscript to make the images clickable.
Here’s the script. You can install it by clicking here.
If you have a website, you almost certainly need to secure it. Even for a simple WordPress blog like this one, security is a real problem; sites get hacked all the time, and even a site like this one can draw hundreds or thousands of hack attempts per day. Sometimes, it’s because hackers discover a new vulnerability. Usually, it’s an old one that just hasn’t been patched yet. But there’s more: hackers can steal your login info and take over your site just by monitoring your traffic over a wireless network, like in a typical coffee shop or airport.
The solution for this is to get a security certificate (commonly, but no longer correctly, known as an SSL certificate). Typically, these cost $100/year or more, depending on what you need. But there’s good news.
The free option for today is StartSSL.com, which will give you a very basic certificate for free. It still requires some technical know-how, but not much; whoever handles your website maintenance now should be able to handle it pretty easily.
It’s about to get a lot easier. In mid-2015, Let’s Encrypt is launching. Let’s Encrypt is a project of the Internet Security Research Group, which consists of some real heavy-hitters in the tech world: Mozilla, Akamai, Cisco, the EFF, and IdenTrust. It will allow you do secure a website with, basically, one click. For free.
So, cost is no longer a barrier to securing your website. Go do it!
If you ever work with Microsoft Word, you have probably needed to insert a blank line or a block of text in a filled-in blank. For example, maybe you want a blank like this: . Or maybe you want a blank with text in it, like this . If you just try turning on underlining and typing a lot of spaces, you don’t get any underlining at all. There’s a right way to work around this that always works, and a wrong way that often results in unprofessional-looking documents. This post will show you the right way.
What many people do is the wrong way around this: they use a combination of underlining and underscore characters, so they end up with something ugly ________, or even worse, . The broken line looks unprofessional. The doubling up is just awful.
To insert pretty blanks in Word, you can insert a non-breaking space. In Windows, you can do this by pressing
Ctrl + Shift + space. For Mac, use
Option + space.
Say you want to type this: Hello . The exact key sequence (in Windows) would go like this:
Ctrl + U (to start underlining),
Ctrl + Shift + space,
Ctrl + Shift + space,
Ctrl + Shift + space,
Ctrl + Shift + space,
Ctrl + U.
This is also very valuable for preventing awkward line breaks. For example, in legal writing, you usually want to keep the section symbol (§) with the following text, so you can put a non-breaking space between the symbol and the next character.
As many of my readers know, I have a lot going on right now. We’re expecting our first child, Catherine, in May!
Meanwhile, my wife and I are selling our current house in Houston later this week and moving to a Houston suburb (more house, less money, good times). Things are a little busy.
That said, I am going to try to post here a lot more frequently. After all, I started this blog almost 14 years ago, back when “blog” was barely a word, and not one I’d ever heard before. Feel free to hold my feet to the fire! I really want to make more use of this space.
Want to follow what’s going on here? Subscribe by filling in the box on the left, and I’ll keep you posted!