下载MariaDB
请自行选择适合版本 https://mariadb.com/downloads/
or curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
我用的CentOS6
wget https://downloads.mariadb.com/MariaDB/mariadb-10.3.14/yum/centos/mariadb-10.3.14-rhel-6-x86_64-rpms.tar
tar xf mariadb-10.3.14-rhel-6-x86_64-rpms.tar
./mariadb-10.3.14-rhel-6-x86_64-rpms/setup_repository
yum install MariaDB-server openssl -y
mkdir /home/mydata/{
data,ibdata,log-bin,ssl,sock,pid,relay-bin} -p
通过OpenSSL 生成ca 证书
mkdir /home/mydata/ssl
cd /home/mydata/ssl
#C=国家代码(例如:中国CN),ST=省份(例如:北京BJ),L=城市(例如:北京BJ),O=组织(例如:baidu):,OU=单位(例如:baidu):,CN=域名(例如:*.baidu.com)\n"
C=CN
ST=BJ
L=BJ
O=xxx
OU=xxxx
CN=*.example.com
subject="/C="${C}"/ST="${ST}"/L="${L}"/O="${O}"/OU="${OU}"/CN="${CN}
CN_ca=*.example.ca
subject_ca="/C="${C}"/ST="${ST}"/L="${L}"/O="${O}"/OU="${OU}"/CN="${CN_ca}
# 根据提示填写各个字段, 但注意 Common Name 最好是有效根域名(如 zeali.net ),
# 并且不能和后来服务器证书签署请求文件中填写的 Common Name 完全一样,否则会
# 导致证书生成的时候出现
# error 18 at 0 depth lookup:self signed certificate 错误
openssl genrsa 2048 > ca-key.pem
openssl req -new -x509 -nodes -days 365000 \
-key ca-key.pem -out ca-cert.pem -subj ${subject_ca}
# Create server certificate, remove passphrase, and sign it
# server-cert.pem = public key, server-key.pem = private key
openssl req -newkey rsa:2048 -days 365000 \
-nodes -keyout server-key.pem -out server-req.pem -subj $subject
openssl rsa -in server-key.pem -out server-key.pem
openssl x509 -req -in server-req.pem -days 365000 \
-CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem