Certificate files for SSL connection using ZeosLib and MySql database

Question

I have basic knowledge in ssl and when executing the connection of an application made in delphi with ZeosLib in a MySql database, I had a question regarding the certificate. According to information the procedure would be...

CA.Text = c:\mysqlCerts\ca-cert.pem
Cert.Text = c:\mysqlCerts\client-cert.pem
Key.Text = c:\mysqlCerts\client-key.pem

  with ZConnection1 do
  begin
    Connected:= False;
    Database := DB.Text;
    HostName := Host.Text;
    Password := Pass.Text;
    Port     := StrToIntDef(Port.Text,0);
    Protocol := 'mysql-5';
    User     := User.Text;

    if bSSL.Checked then
    begin
      Properties.Values['MYSQL_SSL']:= 'TRUE';
      Properties.Values['MYSQL_SSL_CA']   := CA.Text;
      Properties.Values['MYSQL_SSL_CERT'] := Cert.Text;
      Properties.Values['MYSQL_SSL_KEY']  := Key.Text;
    end;

Variable like MYSQL_SSL_CA, MYSQL_SSL_CERT, MYSQL_SSL_KEY is referring to a path on the server or on the local computer? If it's local computer, wouldn't it be exposing the certificate files from a security point of view? Should I copy the certificate files to the client computer?

Answer 1

According to information, you must create a certificate on the client side and a password will be required to complete the connection or else you must enter the certificate data on the client side on the mysql server, as is done with the certificate on the server side and then the connection secure should work, as with https.

https://www.xmodulo.com/enable-ssl-mysql-server-client.html