mysql安装 ssl连接_Linux 下安装支持SSL连接的 Mysql

1. 安装 OpenSSL:下载 OpenSSL Version 0.9.6 (www.openssl.org)shell> zcat 0.96l.tar.gz | tar xvf -shell> ./configshell> makeshell> make install2. 安装 MySQL:下载 MySQL Version 4.0.14 Source (mysql-4.0.14.tar.gz) shell> groupadd mysql shell> useradd -g mysql mysql shell> gunzip < mysql-VERSION.tar.gz | tar -xvf - shell> cd mysql-VERSION shell> ./configure --prefix=/usr/local/mysql --with –openssl --with -vio shell> make shell> make install shell> cp support-files/my-medium.cnf /etc/my.cnf shell> cd /usr/local/mysql shell> bin/mysql_install_db --user=mysql shell> chown -R root . shell> chown -R mysql var shell> chgrp -R mysql . shell> bin/mysqld_safe --user=mysql & 3. 修改mysql密码及访问权限　(根据需要。可能造成安全问题)shell>　cd /usr/local/mysql/bin/shell>　./mysql -u root –pmysql>　INSERT INTO mysql.user VALUES ('%','root', PASSWORD('1qw23e'),'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); 4.   生成SSL证书DIR=`pwd`/opensslPRIV=$DIR/privatemkdir $DIR $PRIV $DIR/newcertscp /usr/share/ssl/openssl.cnf $DIRreplace ./demoCA $DIR -- $DIR/openssl.cnf# Create necessary files: $database, $serial and $new_certs_dir# directory (optional)touch $DIR/index.txtecho "01" > $DIR/serial# Generation of Certificate Authority(CA)openssl req -new -x509 -keyout $PRIV/cakey.pem -out $DIR/cacert.pem \-config $DIR/openssl.cnfNote : if you were requested to enter "PEM pass", please enter different "PEM pass" in the following steps.# Create server request and keyopenssl req -new -keyout $DIR/server-key.pem -out \  $DIR/server-req.pem -days 3600 -config $DIR/openssl.cnf# Remove the passphrase from the key (optional)openssl rsa -in $DIR/server-key.pem -out $DIR/server-key.pem# Sign server certopenssl ca -policy policy_anything -out $DIR/server-cert.pem \  -config $DIR/openssl.cnf -infiles $DIR/server-req.pem# Create client request and keyopenssl req -new -keyout $DIR/client-key.pem -out \  $DIR/client-req.pem -days 3600 -config $DIR/openssl.cnf# Remove a passphrase from the key (optional)openssl rsa -in $DIR/client-key.pem -out $DIR/client-key.pem# Sign client certopenssl ca -policy policy_anything -out $DIR/client-cert.pem \-config $DIR/openssl.cnf -infiles $DIR/client-req.pem5.   修改选项文件　/etc/my.cnf[client]ssl-ca=$DIR/cacert.pemssl-cert=$DIR/client-cert.pemssl-key=$DIR/client-key.pem[mysqld]ssl-ca=$DIR/cacert.pemssl-cert=$DIR/server-cert.pemssl-key=$DIR/server-key.pem6. 测试启动mysql$DIR 是选项文件my.cnf 的路径shell> mysqld --defaults-file=$DIR/my.cnf &Then invoke a client program using the same option file: shell> mysql --defaults-file=$DIR/my.cnf执行以下语句，如果返回以下结果，安装完全成功mysql> SHOW VARIABLES LIKE 'have_openssl';+---------------+-------+| Variable_name | Value |+---------------+-------+| have_openssl | YES   |+---------------+-------+7. 启动MySQL　daemon/usr/local/libexec/mysqld -u mysql & 　或者　/usr/local/sbin/mysqld &PS：国内这方面资料不多。。我也是看mysql 帮助和install 帮助弄的。希望没有误人子弟。：)

小编推荐：欲学习电脑技术、系统维护、网络管理、编程开发和安全攻防等高端IT技术，请 点击这里注册账号，公开课频道价值万元IT培训教程免费学，让您少走弯路、事半功倍，好工作升职加薪！

免责声明：本站系公益性非盈利IT技术普及网，本文由投稿者转载自互联网的公开文章，文末均已注明出处，其内容和图片版权归原网站或作者所有，文中所述不代表本站观点，若有无意侵权或转载不当之处请从网站右下角联系我们处理，谢谢合作！