Java MySQL SSL/TLS certificate validation without using keystore and truststore

Question

I use truststore and keystore files to connect to my MySQL Server with SSL and certificate validation:

I created the truststore/keystore from this three files using this manual: http://dev.mysql.com/doc/connector-j/en/connector-j-reference-using-ssl.html

My Question is, if it is possible to do the certificate validation without a truststore/keystore but instead directely with the : client-key.pem / ca-cert.pem / client-cert.pem

The thing is that I want to keep my application simple and I know that the Database server will always give me the .pem files when we move to another database server. But then the user needs to create new truststore/keystore files, for me it would be nicer if I could only point to the path where the .pem files are located.

One solution is to implement your own `KeyStore` implementation that reads the `PEM` files directly. Then, tell your application to use the custom keystore instead of the java provided file backed one. See http://stackoverflow.com/questions/18513792/using-sslcontext-with-just-a-ca-certificate-and-no-keystore/18514628#18514628. — schtever, Oct 01 '15 at 19:26

Java MySQL SSL/TLS certificate validation without using keystore and truststore

0 Answers0