Difference between revisions of "Mysql"

From Bashlinux

Jump to: navigation, search

Revision as of 07:50, 5 February 2010

MySQL

MySQL server with SSL

Create a certificate as described in OpenSSL section.
Add the following under each directive on `/etc/my.cnf`, if the directive doesn't exists it should be created

 [client]
 ssl-ca=/etc/pki/openssl/cacert.pem
 ssl-cert=/etc/pki/openssl/client-cert.pem
 ssl-key=/etc/pki/openssl/client-key.pem

 [mysqld]
 ssl-ca=/etc/pki/openssl/cacert.pem
 ssl-cert=/etc/pki/openssl/server-cert.pem
 ssl-key=/etc/pki/openssl/server-key.pem

Restart the server

 service mysqld restart

Test ssl on Mysql
- Login into MySQL Server

 mysql -u root -p

Check SSL Cipher

 mysql> show status like 'Ssl_cipher';
 +--------------+-------------------+
 | Variable_name| Value             |
 +--------------+-------------------+
 | Ssl_cipher   | DHE-RSA-AES256-SHA|
 +--------------+-------------------+

 1 row in set (0.01 sec)

Done

Retrieved from "http://wiki.bashlinux.com/index.php?title=Mysql&oldid=542"

Navigation menu