1用root用户登录mysql客户端执行
SHOW VARIABLES LIKE '%ssl%';
Output
+---------------+----------+
| Variable_name | Value |
+---------------+----------+
| have_openssl | DISABLED |
| have_ssl | DISABLED |
| ssl_ca | |
| ssl_capath | |
| ssl_cert | |
| ssl_cipher | |
| ssl_crl | |
| ssl_crlpath | |
| ssl_key | |
+---------------+----------+
have_openssl和have_ssl字段显示DISABLE,表示当前mysql拥有ssl的功能,但是ssl功能未默认启动.
2在mysql的bin目录下执行./mysql_ssl_rsa_setup,会在mysql的data目录下生成8个文件,
-rw------- 1 mysql mysql 1675 Mar 28 16:35 ca-key.pem # CA 私钥
-rw-r--r-- 1 mysql mysql 1082 Mar 28 16:35 ca.pem # 自签的CA证书,客户端连接也需要提供
-rw-r--r-- 1 mysql mysql 10