DATABASELINK TUTORIAL

Secure Socket Layer (SSL)
This feature is not supported on the Wolfram Cloud.

Secure Socket Layer (SSL) is a protocol for providing secure transactions between servers and clients. It uses a certificate to identify one or both ends of the transaction. It can be useful for database communications to protect any authentication information, such as usernames and passwords, as well as the actual data itself.

Some databases support SSL and some do not. To know if your database supports SSL, you need to study the documentation for your database and work with the administrator of the database. If your database can be configured to use SSL with JDBC, it should be possible to configure DatabaseLink to communicate with the database using SSL.

One database that does support SSL is MySQL, and it is possible for DatabaseLink to communicate with a MySQL database using SSL. You will need to configure the database to provide SSL communications and generate a certificate. To do this you will need to work with the administrator of your database.

There are typically four stages to setting up SSL to work with a MySQL database.

1.  Get a certificate of authority.

2.  Generate a truststore file.

3.  Configure Java to use the truststore.

4.  Configure the connection to use SSL.

The administrator of the server should be able to provide the certificate of authority; suppose this is called CA.cer.

You need to generate the truststore file. This can be done with the keytool executable that is part of a Java Runtime Environment (JRE). You can use the version included in the JRE that ships with the Wolfram Language. To generate the truststore file, you would need to execute the following in some type of shell (e.g. a command prompt on Windows).

This will generate the file truststore.

The next stage is to modify your Java command line for J/Link to refer to the truststore file. This can be done by adding the following settings, in which you need to give the full pathname to the truststore file that was generated.

If you are running the Wolfram Language inside a web server, such as webMathematica, you will need to add these settings to the server that launches Java by following your server documentation. If you are running the Wolfram Language in a standalone fashion, you can add the settings to the options of Java by executing the following before you load DatabaseLink.

Finally, you need to modify the URL that connects to the database. This can be done by placing an extra parameter with a "?", as shown in the following.

It should be noted that not all databases support SSL, and that databases other than MySQL that do support SSL may need to be configured in a different way to work with DatabaseLink.