mysql - Configure SSL certificates with Hibernate, Spring and JDBC -

i'm trying move unencrypted jdbc connection using username , password log in mysql database server, connection using ssl , certificate-based authentication. i'm using hibernate spring mvc. webappconfig file looks this:

package com.****.policymanager.init;  import java.util.properties;  import javax.annotation.resource; import javax.sql.datasource;  import org.springframework.context.annotation.bean; import org.springframework.context.annotation.componentscan; import org.springframework.context.annotation.configuration; import org.springframework.context.annotation.propertysource; import org.springframework.core.env.environment; import org.springframework.jdbc.datasource.drivermanagerdatasource; import org.springframework.orm.hibernate4.hibernatetransactionmanager; import org.springframework.orm.hibernate4.localsessionfactorybean; import org.springframework.transaction.annotation.enabletransactionmanagement; import org.springframework.web.servlet.config.annotation.enablewebmvc; import org.springframework.web.servlet.view.jstlview; import org.springframework.web.servlet.view.urlbasedviewresolver;  @configuration @componentscan("com.sprhib") @enablewebmvc @enabletransactionmanagement @propertysource("classpath:application.properties") public class webappconfig {       private static final string property_name_database_driver = "db.driver";     private static final string property_name_database_password = "db.password";     private static final string property_name_database_url = "db.urlssl";     private static final string property_name_database_username = "db.username";      private static final string property_name_hibernate_dialect = "hibernate.dialect";     private static final string property_name_hibernate_show_sql = "hibernate.show_sql";     private static final string property_name_entitymanager_packages_to_scan = "entitymanager.packages.to.scan";      @resource     private environment env;      @bean     public datasource datasource() {         drivermanagerdatasource datasource = new drivermanagerdatasource();          datasource.setdriverclassname(env.getrequiredproperty(property_name_database_driver));         datasource.seturl(env.getrequiredproperty(property_name_database_url));         datasource.setusername(env.getrequiredproperty(property_name_database_username));         datasource.setpassword(env.getrequiredproperty(property_name_database_password));          return datasource;     }      @bean     public localsessionfactorybean sessionfactory() {         localsessionfactorybean sessionfactorybean = new localsessionfactorybean();         sessionfactorybean.setdatasource(datasource());         sessionfactorybean.setpackagestoscan(env.getrequiredproperty(                 property_name_entitymanager_packages_to_scan));         sessionfactorybean.sethibernateproperties(hibproperties());         return sessionfactorybean;     }      private properties hibproperties() {         properties properties = new properties();         properties.put(property_name_hibernate_dialect,                  env.getrequiredproperty(property_name_hibernate_dialect));         properties.put(property_name_hibernate_show_sql,                  env.getrequiredproperty(property_name_hibernate_show_sql));         return properties;       }      @bean     public hibernatetransactionmanager transactionmanager() {         hibernatetransactionmanager transactionmanager =                  new hibernatetransactionmanager();         transactionmanager.setsessionfactory(sessionfactory().getobject());         return transactionmanager;     }      @bean     public urlbasedviewresolver setupviewresolver() {         urlbasedviewresolver resolver = new urlbasedviewresolver();         resolver.setprefix("/web-inf/pages/");         resolver.setsuffix(".jsp");         resolver.setviewclass(jstlview.class);         return resolver;     }  } 

and properties config file (application.properties) follows:

#db properties: db.driver=com.mysql.jdbc.driver db.url=jdbc:mysql://localhost:3306/policymanager db.urlssl=jdbc:mysql://localhost:3306/policymanager?autoreconnect=true&verifyservercertificate=false&usessl=true&requiressl=true db.username=myuser db.password=mypass  #hibernate configuration: hibernate.dialect=org.hibernate.dialect.mysql5innodbdialect hibernate.show_sql=true entitymanager.packages.to.scan=com.****.policymanager.model 

i've generated right certificates inside /etc/mysql/certs , have edited my.cnf point then, can't find info online how configure specific method of database initialisation use certificate-based authentication remove need store database username , password in plain text on server.

can suggest solution or point me tutorial uses webappconfig.java file (hib properties, drivermanagerdatasource , localsessionfactorybean) it's configuration?

the mysql guide has information on over client side, this bug has detailed information.

it comes done following steps

1. create keystore , truststore clients certificate
2. configure environment (or mysqldatasource) use these keystore , truststore
3. configure connection url (which apparently have done).

and should it. key have correct certificates on client side.

more information:

1. secure jdbc connection mysql glassfish
2. secure jdbc connection mysql java
3. mysql ssl documentation