[Ach] postgresql diff

[Berg San]

On 11/26/2013 08:21 PM, L. Aaron Kaplan wrote:

[...]
> Thanks!! Fantastic. It's really a joy to read this section. It's precise, short, quick to reed, I have all the info that I need and it works.

Thx!

I've attached a small diff:
.) added the mysql reference
.) %s/client-/server-/

> What about the other DBs? Do you think we can still make this? Anybody here with Oracle experience, can someone test Oracle settings? The T-Systems hardening guide has multiple pages on Oracle. Some of them related to crypto.

I can't promise, but I have a contact to a DB2 dba.

Cheers
Berg

-------------- next part --------------
diff --git a/src/practical_settings/DBs.tex b/src/practical_settings/DBs.tex
index 06c5c83..1c14cd8 100644
--- a/src/practical_settings/DBs.tex
+++ b/src/practical_settings/DBs.tex
@@ -24,8 +24,8 @@
 [mysqld]
 ssl
 ssl-ca=/etc/mysql/ssl/ca-cert.pem
-ssl-cert=/etc/mysql/ssl/client-cert.pem
-ssl-key=/etc/mysql/ssl/client-key.pem
+ssl-cert=/etc/mysql/ssl/server-cert.pem
+ssl-key=/etc/mysql/ssl/server-key.pem
 ssl-cipher=EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA
 \end{lstlisting}
 
@@ -37,8 +37,7 @@ ssl-cipher=EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256
 % in case you have the need for further justifications why you chose this and that setting or if the settings do not fit into the standard Variant A or Variant B schema, please document this here
 
 \item[References:]
-
-\todo{add references}
+{\small \url{https://dev.mysql.com/doc/refman/5.5/en/ssl-connections.html}}
 
 % add any further references or best practice documents here