Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Support PEM file to connect to MySQL DB with SSL certificate #1350
This would allow us to connect directly to our RDS instance.
The Metabase documentation suggests that it will try to use SSL. However, connections to the database seem to fail for users that have been configured to require SSL. Apparently Metabase does not use/consider the public key as issued by Amazon... So +1 on this!
CREATE USER 'metabase_read_only'@'%' IDENTIFIED BY 'crazyPassword'; GRANT SELECT ON databaseName.* TO 'metabase_read_only'@'%';
@jefffriesen this is the way we connect to a AWS RDS MySQL instance (read-replica)
@holtkamp, your solution works and you're spot on about the issues you describe with requiring SSL vs. not requiring it.
The documentation says you can change the SSL setting in Metabase but I couldn't figure out where to do that (I may be missing something though):
Of lesser danger if properly managed, but still not ideal, allowing even one user to connect without SSL opens up the possibility of someone indavertently setting up an unencrypted connection down the line.
I'd love to hear people's thoughts on my above concerns. Thus far, I have had no success setting up Metabase and an SSL RDS connection. I tried both Heroku and Elastic Beanstalk but unless I blindly trust Metabase to use SSL, I can't enforce it. Am I overthinking this?
referenced this issue
May 31, 2017
+1 I have a Google Cloud instance (managed MySql 5.7.14) I wish to connect to. It is setup to only allow SSL connections.