国产探花免费观看_亚洲丰满少妇自慰呻吟_97日韩有码在线_资源在线日韩欧美_一区二区精品毛片,辰东完美世界有声小说,欢乐颂第一季,yy玄幻小说排行榜完本

首頁 > 數據庫 > MySQL > 正文

MySQL配置SSL主從復制

2024-07-24 12:49:29
字體:
來源:轉載
供稿:網友

MySQL5.6 創建SSL文件方法

官方文檔:https://dev.mysql.com/doc/refman/5.6/en/creating-ssl-files-using-openssl.html#creating-ssl-files-using-openssl-unix-command-line

Create clean environment

mkdir /home/mysql/mysqlcerts && cd /home/mysql/mysqlcerts

Create CA certificate

openssl genrsa 2048 > ca-key.pem
openssl req -new -x509 -nodes -days 3600 -key ca-key.pem -out ca.pem

Create server certificate, remove passphrase, and sign it

server-cert.pem = public key, server-key.pem = private key
openssl req -newkey rsa:2048 -days 3600 -nodes -keyout server-key.pem -out server-req.pem
openssl rsa -in server-key.pem -out server-key.pem
openssl x509 -req -in server-req.pem -days 3600 -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem

Create client certificate, remove passphrase, and sign it

client-cert.pem = public key, client-key.pem = private key
openssl req -newkey rsa:2048 -days 3600  -nodes -keyout client-key.pem -out client-req.pem
openssl rsa -in client-key.pem -out client-key.pem
openssl x509 -req -in client-req.pem -days 3600 -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem
openssl verify -CAfile ca.pem server-cert.pem client-cert.pem
server-cert.pem: OK
client-cert.pem: OK

MySQL5.7 創建SSL文件方法

官方文檔:https://dev.mysql.com/doc/refman/5.7/en/creating-ssl-rsa-files-using-mysql.html

mkdir -p  /home/mysql/mysqlcerts
/usr/local/mysql-5.7.21-linux-glibc2.12-x86_64/bin/mysql_ssl_rsa_setup  --datadir=/home/mysql/mysqlcerts/

主庫創建SSL后進行配置

從庫 192.168.1.222

mkdir -p  /home/mysql/mysqlcerts

主庫

chown -R mysql.mysql  /home/mysql/mysqlcerts/
scp ca.pem client-cert.pem client-key.pem root@192.168.1.222:/home/mysql/mysqlcerts/

主庫授權

GRANT REPLICATION SLAVE ON *.* TO 'repl'@'192.168.1.222' identified by '' require ssl;

主庫 my.cnf

#SSL
ssl-ca=/home/mysql/mysqlcerts/ca.pem
ssl-cert=/home/mysql/mysqlcerts/server-cert.pem
ssl-key=/home/mysql/mysqlcerts/server-key.pem

restart mysql

從庫

chown -R mysql.mysql  /home/mysql/mysqlcerts/

my.cnf

ssl-ca=/home/mysql/mysqlcerts/ca.pem
ssl-cert= /home/mysql/mysqlcerts/client-cert.pem
ssl-key= /home/mysql/mysqlcerts/client-key.pem

創建復制:

change master to master_host='',master_user='',master_password='',master_log_file='mysql-bin.000001',master_log_pos=154,   master_ssl=1, master_ssl_ca='/home/mysql/mysqlcerts/ca.pem', master_ssl_cert='/home/mysql/mysqlcerts/client-cert.pem',  master_ssl_key='/home/mysql/mysqlcerts/client-key.pem' ,MASTER_CONNECT_RETRY=10;

發表評論 共有條評論
用戶名: 密碼:
驗證碼: 匿名發表
主站蜘蛛池模板: 台东县| 三江| 龙州县| 读书| 阿鲁科尔沁旗| 余庆县| 阿鲁科尔沁旗| 来安县| 陇川县| 崇礼县| 同江市| 平湖市| 泰安市| 汉源县| 桂平市| 冷水江市| 科技| 长葛市| 交城县| 克东县| 临清市| 探索| 诸暨市| 中牟县| 云龙县| 三门县| 石台县| 彭水| 高阳县| 鄂伦春自治旗| 尼勒克县| 琼中| 潮州市| 文成县| 三明市| 平凉市| 钟祥市| 苍山县| 钟祥市| 海宁市| 山西省|