Difference between revisions of "Secure MySQL Connection"
| Line 10: | Line 10: | ||
To know if your server already has OpenSSL installed execute "openssl" from ssh or from a command prompt. If you see "OpenSSL>" it is already installed. | To know if your server already has OpenSSL installed execute "openssl" from ssh or from a command prompt. If you see "OpenSSL>" it is already installed. | ||
==== CentOS 5/6, Fedora 15, Redhat 5 ==== | ==== CentOS 5/6, Fedora 15, Redhat 5 ==== | ||
| − | + | <source lang="bash">yum install openssl</source> | |
==== Debian 6, Ubuntu 10/11/12 ==== | ==== Debian 6, Ubuntu 10/11/12 ==== | ||
| − | + | <source lang="bash">apt-get install openssl</source> | |
====Windows==== | ====Windows==== | ||
| Line 20: | Line 20: | ||
Important: Execute the following commands line by line. Don't execute them all at once. | Important: Execute the following commands line by line. Don't execute them all at once. | ||
====Linux==== | ====Linux==== | ||
| − | + | <source lang="bash">cd /home/tcadmin/Database | |
| − | + | mkdir sslcerts | |
| − | + | cd sslcerts | |
| − | + | openssl genrsa 2048 > ca-key.pem | |
| − | + | openssl req -new -x509 -nodes -days 9000 -key ca-key.pem > ca-cert.pem | |
| − | + | openssl req -newkey rsa:2048 -days 9000 -nodes -keyout server-key.pem > server-req.pem | |
openssl rsa -in server-key.pem -out server-key.pem | openssl rsa -in server-key.pem -out server-key.pem | ||
| − | openssl x509 -req -in server-req.pem -days 9000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem | + | openssl x509 -req -in server-req.pem -days 9000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem</source> |
Revision as of 02:10, 17 December 2012
Contents
Overview
MySQL supports secure (encrypted) connections between MySQL clients and the server using the Secure Sockets Layer (SSL) protocol. This article explains how to configure your MySQL server and TCAdmin.
How to configure the MySQL Server
The following instructions are provided for your convenience. We do not provide support for configuring ssl on your MySQL server.
For detailed instructions read the MySQL reference manual: http://dev.mysql.com/doc/refman/5.0/en/creating-ssl-certs.html
Install OpenSSL
To know if your server already has OpenSSL installed execute "openssl" from ssh or from a command prompt. If you see "OpenSSL>" it is already installed.
CentOS 5/6, Fedora 15, Redhat 5
yum install openssl
Debian 6, Ubuntu 10/11/12
apt-get install openssl
Windows
OpenSSL for Windows can be downloaded from http://slproweb.com/products/Win32OpenSSL.html
Create the Server Certificates
Important: Execute the following commands line by line. Don't execute them all at once.
Linux
cd /home/tcadmin/Database mkdir sslcerts cd sslcerts openssl genrsa 2048 > ca-key.pem openssl req -new -x509 -nodes -days 9000 -key ca-key.pem > ca-cert.pem openssl req -newkey rsa:2048 -days 9000 -nodes -keyout server-key.pem > server-req.pem openssl rsa -in server-key.pem -out server-key.pem openssl x509 -req -in server-req.pem -days 9000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem