SSL support

By default, Cloud SQL allows unencrypted connections from authorized networks. This is not good, as it allows traffic to be intercepted, possibly leading to a data breach. In order to avoid this, Cloud SQL can be configured to use SSL and optionally block all non-SSL traffic. Managing Cloud SQL SSL requires the Cloud SQL Admin permission or greater. To disable unencrypted traffic from authorized networks, go to the SSL tab and click Allow only SSL Connections, or use the following command:

gcloud sql instances patch <INSTANCE> --require-ssl

Before using SSL, developers must download the Cloud SQL server's CA certificate, use it to generate a client certificate, and upload that client certificate to Cloud SQL. Cloud SQL supports ...

Get Building Google Cloud Platform Solutions now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.