MySQL and Letsencrypt


Hello, I have setup a MySQL server with Letsencrypt certificates. I am wondering how to connect this server remotely from Nodejs (or any other) securely? When I connect with mysql command line client it says SSL is enabled. Below is output of mysql client ssl related variables:

| Variable_name | Value |
| ssl_ca | |
| ssl_capath | |
| ssl_cert | /etc/mysql/fullchain.pem |
| ssl_cipher | |
| ssl_crl | |
| ssl_crlpath | |
| ssl_key | /etc/mysql/privkey.pem |

Question is how do I connect to MySQL server from nodejs? In most of tutorials I’ve read the configuration file should look like below, but I don’t have any of those files created by letsencrypt.

  ssl  : {
  ca : fs.readFileSync('./ca.pem')
  key: fs.readFileSync('./client-key.pem'),
  cert: fs.readFileSync('./client-cert.pem')

I have been able to get enrypted connection between nodejs and mysql with following but I think it disables all the benefits of using letsencrypt:

  ssl: {
    rejectUnauthorized: false,


People are really starting to cram Let’s Encrypt into every crevice, huh?

It looks like MySQL is not capable of gracefully reloading the certificate without restarting the entire server: - so you may wish to abandon your plans.

There is no great benefit marrying the Web PKI or Let’s Encrypt with MySQL. Just use a private CA (as the MySQL documentation suggests) for your server and verify the connection from your Node client using the private CA’s certificate.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.