SSL (Secure Socket Layer) uses data encryption, authentication, and message integrity verification mechanisms to provide security assurance for application-layer protocols based on reliable connections such as TCP. If the user's transmission is not via SSL, then the data is transmitted in plaintext on the network, which opens up opportunities for people with ulterior motives. Therefore, many large websites now have SSL function enabled. Similarly, in our database, if the client connects to the server to obtain data instead of using an SSL connection, the data can be stolen during transmission.
The main functions provided by the SSL protocol are:
1. Confidentiality of data transmission: The transmitted data is encrypted using a symmetric key algorithm.
2. Authentication mechanism: Based on the certificate, the server and the client are authenticated using digital signature methods, where the authentication of the client is optional.
3. Message integrity verification: MAC algorithms are used to verify the integrity of messages during message transmission.
When using .NET/C# to operate a MySQL database,The default value for SslMode is Preferred, if the server supports it, use SSL.
The hyperlink login is visible.
Using the default method, in the case of a large number of concurrency, the error may be as follows:
English Message : Connection open error . Authentication to host '192.168.1.100' for user 'itsvse' using method 'mysql_native_password' failed with message: Reading from the stream has failed.
Connection open error . error connecting: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached.
Using SSL ensures the security of data transmission, but it also reduces the efficiency of query and execution, increasing the pressure on the database and programs. Since our database is in a private network environment, it is relatively very secure, and there is no need for transmission encryption, so we can improve efficiency and performance without SSL encryption.
Before and after SSL performance comparison (QPS):The hyperlink login is visible.
From the test data, it can be found that after enabling SSL, the database QPS is reduced by about 23% on average, which is relatively affecting performance. From the perspective of SSL implementation, it is necessary to shake hands, encrypt, decrypt and other operations when establishing a connection. Therefore, the time spent is basically in the connection stage, which may cause greater performance loss for applications that use short links, such as PHP development. However, it may be much better if you use connection pools or long connections.
To improve performance, modify the connection string as follows:
(End)
|
Posted on 6/18/2021 9:41:15 AM
|
|
|
|
Landlord|
Posted on 2/11/2022 11:33:08 AM
|
Posted on 4/11/2022 3:09:04 PM
|
