Skip to main content
Skip to main content
Edit this page

ClickPipes for MySQL FAQ

Does the MySQL ClickPipe support MariaDB?

Yes, the MySQL ClickPipe supports MariaDB 10.0 and above. The configuration for it is very similar to MySQL, using GTID replication by default.

Does the MySQL ClickPipe support PlanetScale, Vitess, or TiDB?

No, these do not support MySQL's binlog API.

How is replication managed?

We support both GTID & FilePos replication. Unlike Postgres there is no slot to manage offset. Instead, you must configure your MySQL server to have a sufficient binlog retention period. If our offset into the binlog becomes invalidated (eg, mirror paused too long, or database failover occurs while using FilePos replication) then you will need to resync the pipe. Make sure to optimize materialized views depending on destination tables, as inefficient queries can slow down ingestion to fall behind the retention period.

It's also possible for an inactive database to rotate the log file without allowing ClickPipes to progress to a more recent offset. You may need to setup a heartbeat table with regularly scheduled updates.

Why am I getting a TLS certificate validation error when connecting to MySQL?

When connecting to MySQL, you may encounter certificate errors like x509: certificate is not valid for any names or x509: certificate signed by unknown authority. These occur because ClickPipes enables TLS encryption by default.

You have several options to resolve these issues:

  1. Set the TLS Host field - When the hostname in your connection differs from the certificate (common with AWS PrivateLink via Endpoint Service). Set "TLS Host (optional)" to match the certificate's Common Name (CN) or Subject Alternative Name (SAN).

  2. Upload your Root CA - For MySQL servers using internal Certificate Authorities or Google Cloud SQL in the default per-instance CA configuration. For more information on how to access Google Cloud SQL certificates, see this section.

  3. Configure server certificate - Update your server's SSL certificate to include all connection hostnames and use a trusted Certificate Authority.

  4. Skip certificate verification - For self-hosted MySQL or MariaDB, whose default configurations provision a self-signed certificate we can't validate (MySQL, MariaDB). Relying on this certificate encrypts the data in transit but runs the risk of server impersonation. We recommend properly signed certificates for production environments, but this option is useful for testing on a one-off instance or connecting to legacy infrastructure.