How to add ssl certificate for MySQL connection for metricbeat

Where can i add the SSL certificate to connect to MySQL server when i configure the MySQL module file (mysql.yaml)?

Sorry if this is something obvious but i can't find it anywhere.

Here it says that there is an example to use a module with SSL but the ssl.verification mode is set to none and there is no place to specify where the SSL certificate is located.

Even in the MySQL module there is no mention of applying an SSL certificate to the configuration file

Hi @Aurel_Drejta - Can you add the tls parameter in your host DSN and check if that works?

Hi @ropc

It seems that got me closer to a solution but i have a tiny hiccup now.

I'm trying to connect to a MySQL instance hosted in AWS RDS and when i try to connect to it the metricbeat logs display "x509: certificate signed by unknown authority"

Any idea how i can add the AWS RDS certificate in order to use a tls connection?
The RDS certificates are public and i have them downloaded from their website.

Or do i have to do something else?

I'll try to do this in an EC2 instance to see if maybe the instance will trust the authority.

@Aurel_Drejta - I do not think there is any option right now in the MySQL module or Metricbeat to specify a list of trusted certificates to connect to the database. If you use the tls=true option, what you could do is to:

That should do the trick (I tested it in my lab).

@ropc - Yep that did the trick. Thank for the help, i very much appreciate it.

I think the MySQL module for Metricbeat should add an option to specify the certificate you can use to connect.
( Just an idea for future improvements )

1 Like

@Aurel_Drejta I opened a Github issue in the beats repository. You can subscribe to it for further updates. Thanks again for your collaboration and I am glad we solved your problem :slightly_smiling_face:

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.