环境:linux mint 15
安装openssl:
sudo apt-get install openssl
查看mysql的ssl是否开启了(在mysql 命令行中):
show variables like '%ssl%'; 若没开启则`have_openssl`和`have_ssl`选项的值为DISABLED。
生成证书(在mysql server主机下):
建议在/etc/mysql建立目录certs:
# cd /etc/mysql/
# mkdir certs
# cd certs
# openssl genrsa 2048 > ca-key.pem
# openssl req -new -x509 -nodes -days 1095 -key ca-key.pem -out ca-cert.pem
# openssl req -newkey rsa:2048 -days 1095 -nodes -keyout server-key.pem -out server-req.pem
# openssl rsa -in server-key.pem -out server-key.pem
# openssl x509 -req -in server-req.pem -days 1095 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem 注意,如果`sudo openssl genrsa 2048 > ca-key.pem`的话会提示权限不够。
之后修改mysql服务器主机下的配置文件:
# vim /etc/mysql/my.cnf 在`[mysql