Difference between revisions of "Mysql"
From Bashlinux
Line 24: | Line 24: | ||
# Test ssl on Mysql |
# Test ssl on Mysql |
||
− | # |
+ | ## Login into MySQL Server |
+ | |||
− | |||
<pre><nowiki> |
<pre><nowiki> |
||
− | + | mysql -u root -p |
|
− | + | </nowiki></pre> |
|
− | + | # Check SSL Cipher |
|
+ | |||
− | |||
<pre><nowiki> |
<pre><nowiki> |
||
− | + | mysql> show status like 'Ssl_cipher'; |
|
− | + | +--------------+-------------------+ |
|
− | + | | Variable_name| Value | |
|
− | + | +--------------+-------------------+ |
|
− | + | | Ssl_cipher | DHE-RSA-AES256-SHA| |
|
− | + | +--------------+-------------------+ |
|
− | + | 1 row in set (0.01 sec) |
|
− | + | </nowiki></pre> |
|
# Done |
# Done |
Revision as of 07:51, 5 February 2010
MySQL
MySQL server with SSL
- Create a certificate as described in OpenSSL section.
- Add the following under each directive on `/etc/my.cnf`, if the directive doesn't exists it should be created
[client] ssl-ca=/etc/pki/openssl/cacert.pem ssl-cert=/etc/pki/openssl/client-cert.pem ssl-key=/etc/pki/openssl/client-key.pem [mysqld] ssl-ca=/etc/pki/openssl/cacert.pem ssl-cert=/etc/pki/openssl/server-cert.pem ssl-key=/etc/pki/openssl/server-key.pem
- Restart the server
service mysqld restart
- Test ssl on Mysql
- Login into MySQL Server
mysql -u root -p
- Check SSL Cipher
mysql> show status like 'Ssl_cipher'; +--------------+-------------------+ | Variable_name| Value | +--------------+-------------------+ | Ssl_cipher | DHE-RSA-AES256-SHA| +--------------+-------------------+ 1 row in set (0.01 sec)
- Done