Help Center> GaussDB(for MySQL)> User Guide> HTAP Analysis> Data Security> Configuring SSL
Updated on 2024-05-21 GMT+08:00
View PDF

Configuring SSL

Secure Socket Layer (SSL) is an encryption-based Internet security protocol for establishing secure links between a server and a client. It provides privacy, authentication, and integrity to Internet communications. SSL:

  • Authenticates users and servers, ensuring that data is sent to the correct clients and servers.
  • Encrypts data to prevent data theft.
  • Ensures data integrity during transmission.

SSL is enabled by default for HTAP instances. Enabling SSL increases the network connection response time and CPU usage, and you are advised to evaluate the impact on service performance before enabling SSL.

You can use a client to connect to an HTAP instance through a non-SSL or SSL connection.

  • If SSL is enabled for the instance, you can connect to the instance using SSL, which is more secure.
  • If SSL is disabled, you can only connect to the instance using a non-SSL connection.
  • Enabling or disabling SSL will reboot the instance immediately. During the reboot, the instance is unavailable. Rebooting an instance will clear its cache. To prevent traffic congestion during peak hours, you are advised to reboot it during off-peak hours.
  • After SSL encryption is enabled, the client can access the HTAP instance only through HTTPS port 8443, TCP port 9440, and MySQL port 3306. After SSL encryption is disabled, the client can access the HTAP instance only through HTTP port 8123, TCP port 9000, and MySQL port 3306.

Enabling SSL

  1. Log in to the management console.
  2. Click in the upper left corner and select a region and a project.
  3. Click in the upper left corner of the page, choose Databases > GaussDB(for MySQL).
  4. On the Instances page, click the instance name to go to the Basic Information page.
  5. In the navigation pane on the left, choose HTAP Analysis. Locate an HTAP instance and click its name to go to the Basic Information page.
  6. In the DB Instance Information area, click in the SSL field.
  7. In the displayed dialog box, click Yes.
  8. On the Basic Information page, view the results.

Disabling SSL

  1. On the Instances page, click the instance name to go to the Basic Information page.
  2. In the navigation pane on the left, choose HTAP Analysis. Locate an HTAP instance and click its name to go to the Basic Information page.
  3. In the DB Instance Information area, click in the SSL field.

    Figure 2 Disabling SSL

  4. In the displayed dialog box, click Yes.
  5. On the Basic Information page, view the results.

    To connect the HTAP instance using a non-SSL connection, see Connecting to an HTAP Instance Through JDBC.

Parent topic: Data Security