I have been looking into using X.509 certificate based authentication for Ignition DB connections to MySQL, but I can’t seem to find much of anything on that topic in the Ignition documentation or the forums.
It is already working with SSL/TLS but without using a certificate on the client side (the client being Ignition). In this case in MySQL the DB user would have REQUIRE SSL. Therefore all data going across is encrypted but the authentication is just by username and password.
It would also be nice to have the capability to require a client certificate to authenticate Ignition as the DB client. (MySQL user with REQUIRE X509).
I have found some forum postings on other forums on how to install and use client certificates in JDBC connections, but these specifically relate to Oracle Java JDK 1.6 and later.
This approach could be possible with Ignition 7 and earlier, but with Ignition 8 moving to Azul Systems Java, I’m not sure how relevant those procedures would be for Ignition 8.
From what I can tell, Ignition 8 install only installs the Azul Java runtime, without any development kit.
So my questions are:
Is there a way to install a client certificate in the Azul Java certificate store with only the Java runtime installed?
If not, is there an available development kit or other tools that would make this possible?
Is there something built into Ignition that I have missed, that would allow this?
Thanks so much for any answers or information!!