[<<][sql][>>][..]
Tue May 20 14:17:11 EDT 2014

Setting up mysql with SSL access

I'm doing this from a fresh debian install.
- Make sure to config root user with a password (autogen, long)
- in /etc/mysql/keys:

# ca certificate
openssl genrsa 2048 >ca-key.pem
openssl req -new -x509 -nodes -days 3600 -key ca-key.pem >ca-cert.pem

# server key
openssl req -newkey rsa:2048 -days 3600 -nodes -keyout server-key.pem >server-req.pem
openssl x509 -req -in server-req.pem -days 3600 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 >server-cert.pem

# client key
openssl req -newkey rsa:2048 -days 3600 -nodes -keyout client-key.pem >client-req.pem
openssl x509 -req -in client-req.pem -days 3600 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 >client-cert.pem

chmod 400 *.pem

- in mysql command line:
GRANT ALL PRIVILEGES ON *.* TO 'tom'@'%' IDENTIFIED BY '<pw>' REQUIRE SSL;


# then connect:
mysql -ussluser -pssluser -P3430 --ssl-key=


[1] http://askubuntu.com/questions/194074/enabling-ssl-in-mysql
[2] http://www.chriscalender.com/?p=448
[3] http://stackoverflow.com/questions/5016505/mysql-grant-all-privileges-on-database




[Reply][About]
[<<][sql][>>][..]