Revision as of 07:51, 5 February 2010

MySQL

MySQL server with SSL

Create a certificate as described in OpenSSL section.
Add the following under each directive on `/etc/my.cnf`, if the directive doesn't exists it should be created

 [client]
 ssl-ca=/etc/pki/openssl/cacert.pem
 ssl-cert=/etc/pki/openssl/client-cert.pem
 ssl-key=/etc/pki/openssl/client-key.pem

 [mysqld]
 ssl-ca=/etc/pki/openssl/cacert.pem
 ssl-cert=/etc/pki/openssl/server-cert.pem
 ssl-key=/etc/pki/openssl/server-key.pem

Restart the server

 service mysqld restart

Test ssl on Mysql
1. Login into MySQL Server

  mysql -u root -p

Check SSL Cipher

  mysql> show status like 'Ssl_cipher';
  +--------------+-------------------+
  | Variable_name| Value             |
  +--------------+-------------------+
  | Ssl_cipher   | DHE-RSA-AES256-SHA|
  +--------------+-------------------+

  1 row in set (0.01 sec)

Done

@@ Line 24: / Line 24: @@
 # Test ssl on Mysql
-#* Login into MySQL Server
+## Login into MySQL Server
 <pre><nowiki>
- mysql -u root -p
+  mysql -u root -p
- </nowiki></pre>
+  </nowiki></pre>
-* Check SSL Cipher
+# Check SSL Cipher
 <pre><nowiki>
- mysql> show status like 'Ssl_cipher';
+  mysql> show status like 'Ssl_cipher';
- +--------------+-------------------+
+  +--------------+-------------------+
- | Variable_name| Value             |
+  | Variable_name| Value             |
- +--------------+-------------------+
+  +--------------+-------------------+
- | Ssl_cipher   | DHE-RSA-AES256-SHA|
+  | Ssl_cipher   | DHE-RSA-AES256-SHA|
- +--------------+-------------------+
+  +--------------+-------------------+
 row in set (0.01 sec)
- </nowiki></pre>
+  </nowiki></pre>
 # Done

Mysql: Difference between revisions

Revision as of 07:51, 5 February 2010

MySQL

MySQL server with SSL

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools