Since one of my web applications involves
sensitive/confidential data I was
advised by my server administrator to encrypt the connection
between database
server (mysql) and application server besides enabling SSL on
the web server
(https) which is already done. My server admin says he can
force MySql to only
accept secure connections from app server but wonders if the
client (coldfusion)
has the ability to connect to the mysql database via SSL.
Would you please let me
know if coldfusion can connect to mysql via ssl and how to
test that?
Is your webserver and mysql not located on the same local
network?
Also, one solution would be to encrypt the sensitive data
before transfering and storing it in the database. This would
ensure if the database was hacked that the data would still be
secure.
Thanks a lot for your reply. Yes, the webserver and mysql are
actually located on the same local network. Does that mean the data
back and force between coldusion and mysql is secure?
Encrypting the data is a good idea. Do you know if it is easy
to do to do that under coldfusion?