MySQL Database server “enforce SSL connection” should be enabled

Description

MySQL Database server “enforce SSL connection” should be enabled. Enforcing SSL connections between your database server and your client applications helps protect against “man in the middle” attacks by encrypting the data stream between the server and your application.

Portal Remediation Steps

  • Navigate to Azure Database for MySQL Servers and select your server

  • Select Connection Security

  • Set “Enforce SSL connection” to ENABLED

Azure CLI Remediation Steps

  • To enable the “Enforce SSL connection” setting:

    • az mysql server update --resource-group <your-resource-group> --name <your-server-name> --ssl-enforcement Enabled