目录
我们在连接某些数据库时,需要提供ssl证书,如果是IT的数据库,那么可能会提供下载。
如果是自己想做,可参考如下步骤:
https://dev.mysql.com/doc/refman/5.7/en/creating-ssl-rsa-files-using-mysql.html
https://www.cnblogs.com/anlia/p/5920820.html
https://www.cnblogs.com/MYSQLZOUQI/p/7089135.html
这个一般会生成以下几个文件:
ca.pem Self-signed CA certificate
ca-key.pem CA private key
server-cert.pem Server certificate
server-key.pem Server private key
client-cert.pem Client certificate
client-key.pem Client private key
我们在客户端代码连接时需要提供 ca-cert.pem client-cert.pem client-key.pem
1、django程序的配置
django一般有两种情况,需要自己测试,在settings.py配置文件中,新增OPTIONS参数
# 第一种(虽然下载的文件有三个,但是只需提供ca_cert.pem,key不能是'ca',要写'key')
# CAPATH是我存放ssl证书的目录
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'Times',
'HOST': 'maria3163-us-fm-in.icloud.intel.com',
'PORT': 3307,
'USER': 'Times_so',
'PASSWORD': 'uElT6MhNrV1RkLc',
'OPTIONS': {
'ssl': {
'key': os.path.join(CAPATH, 'ca_cert.pem'),
}
}
}
}
# 第二种 (三者全部提供)
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'Times',
'HOST': 'maria3163-us-fm-in.icloud.intel.com',
'PORT': 3307,
'USER': 'Times_so',
'PASSWORD': 'uElT6MhNrV1RkLc',
'OPTIONS': {
'ssl': {
'ca': os.path.join(CAPATH, 'ca_cert.pem'),
'key': os.path.join(CAPATH, 'client_key.pem'),
'cert': os.path.join(CAPATH, 'client_cert.pem')
}
}
}
}
2、pymysql连接数据库
class Models:
def __init__(self, host, port, user, pwd, database):
self.conn = pymysql.connect(
host=host,
port=port,
user=user,
password=pwd,
database=database,
charset='utf8',
connect_timeout=31536000,
ssl = {
'ssl': {
'ca': os.path.join(settings.CAPATH, 'ca_cert.pem'),
'key': os.path.join(settings.CAPATH, 'client_key.pem'),
'cert': os.path.join(settings.CAPATH, 'client_cert.pem')
}
}
)
self.cursor = self.conn.cursor(cursor=pymysql.cursors.DictCursor)
3、DBUtils数据库连接池连接配置
POOL = PooledDB(
creator=pymysql,
maxconnections=100,
mincached=2,
maxcached=5,
maxshared=3,
blocking=True,
maxusage=None,
setsession=[],
ping=0,
host=db_host,
port=int(db_port),
user=db_user,
password=db_password,
database=database,
charset='utf8',
autocommit='True',
ssl = {
'ssl': {
'ca': os.path.join(settings.CAPATH, 'ca_cert.pem'),
'key': os.path.join(settings.CAPATH, 'client_key.pem'),
'cert': os.path.join(settings.CAPATH, 'client_cert.pem')
}
}
)
class Mysql(object):
def __init__(self, POOL):
self.conn = POOL.connection()
self.cursor = self.conn.cursor(pymysql.cursors.DictCursor)
model_obj = Mysql(POOL)