MariaDB/SkySQL (MySQL-compatible) Spatial: Add Database Connection

To define a new connection from the Connection parameter in a MariaDB/SkySQL (MySQL-compatible) Spatial format:

  • Select Add Database Connection. See database-specific parameters below, as well as the section Adding a Database Connection in a Workspace in Using Database Connections The new connection can be made visible only to the current user, or can be shared among multiple users.
Note  To select an existing, previously defined connection, see the section Reusing a Database Connection in Using Database Connections

Database Connection

MariaDB (MySQL compatible)

Name

Enter a name for the new connection. Entering a descriptive name allows you to easily find the connection in future workspaces.

The following characters are not allowed in connection names: ^ \ / : * ? " < > | & = ' + % #

Connection Parameters

Host

This specifies the machine running the MySQL DBMS as either an IP address or host name. The database must have proper permissions and be set up to accept TCP/IP connections if connecting from a remote machine.

Port

When connecting remotely, this specifies the TCP/IP port on which to connect to the DBMS service. The default port is 3306.

Database

This field is automatically populated with the information specified in the Input Dataset field, which specifies the name of the MySQL database. The database must exist in the DBMS. (This can be verified by executing the query SHOW DATABASES in the MySQL query interpreter.)

Enter the username and password to access the service.

SSL Parameters

Enable TLS/SSL

When selected, this option enables the MariaDB Reader/Writer to securely connect to the database using TLS encryption. This will also enable editing further TLS/SSL parameters.

TLS/SSL Authentication Method

This option provides two selections for connecting to databases using TLS:

  • One-Way – One-way TLS means that only the server provides a private key and an X509 certificate. When TLS is used without a client certificate, it is called "one-way" TLS, because only the server can be authenticated.
  • Two-Way – Two-way TLS means that both the client and server provide a private key and an X509 certificate. It is called "two-way" TLS because both the client and server can be authenticated.

CA Certificate

Input for a path to a PEM file that should contain one or more X509 certificates for trusted Certificate Authorities (CAs) to use for TLS. This option requires that you use the absolute path, not a relative path.

Client Certificate (Two-way TLS Only)

Input for a path to the client X509 certificate file to use for TLS. This option requires that you use the absolute path, not a relative path.

Client Private Key (Two-way TLS Only)

Input for a path to the client private key file to use for TLS. This option requires that you use the absolute path, not a relative path.

Cipher Suites (optional)

Text input for a comma-separated list of permitted ciphers or cipher suites to use for TLS.

Require TLS/SSL

When this option is checked, FME will attempt to connect to the server using TLS. It does not prevent the connection from being created if the server does not support TLS.

Verify Server Certificate

When this option is checked, FME will verify the server's certificate by checking the Common Name (CN) attribute located in the Subject field of the certificate against the server's host name and IP address. If the Common Name (CN) matches either of those, then the certificate is verified.