Prepare Database Connection
Learn about configuring database connections for Oracle GoldenGate for MySQL.
Oracle GoldenGate for MySQL is packaged with a MySQL client and uses that client to connect to MySQL databases. Connections are established by using a direct connection and supplying the database server host, port, database name, and other information.
Connections are created manually by adding a database connection to the Administration Service's web interface or through the Admin Client.
To set up the database connection from Oracle GoldenGate for a MySQL deployment, see Add Database Connections.
Configuring a Two-way SSL Connection for MySQL Extract and Replicat
To use Mutual TLS (mTLS or two-way SSL) with Oracle GoldenGate for MySQL Extract and
Replicat, you need to supply the full paths of the certificate authority
(ca.pem
), the client certificate
(client-cert.pem
) and the client key
(client-key.pem
) files to the capture and delivery.
https://dev.mysql.com/doc/refman/8.0/en/creating-ssl-rsa-files-using-mysql.html
You need to provide these paths in the Extract and Replicat parameter
files using the SETENV
parameter.
Following are the SETENV
environment parameters to set
the two-way SSL connection:
-
OGG_MYSQL_OPT_SSL_CA
: Sets the full path of the certification authority. -
OGG_MYSQL_OPT_SSL_CERT
: Sets the full path of the client certificate. -
OGG_MYSQL_OPT_SSL_KEY
: Sets the full path of the client key.
SETENV (OGG_MYSQL_OPT_SSL_CA='/var/lib/mysql.pem')
SETENV (OGG_MYSQL_OPT_SSL_CERT='/var/lib/mysql/client-cert.pem')
SETENV (OGG_MYSQL_OPT_SSL_KEY='/var/lib/mysql/client-key.pem')
For a MySQL user
configured with X509 encryption scheme, the MySQL database requires the
ssl-key
and ssl-cert
options at the time of
logging in. So, when an Oracle GoldenGate credential store entry is created for
this user, the SSL options in the credential store alias must mandatorily include
sslKey
and sslCert
regardless of
sslMode
used.