Created
May 8, 2019 09:00
-
-
Save fhdalikhan/27461530147a0b6eb281f5db1826912b to your computer and use it in GitHub Desktop.
Generate self signed certificate and add to MariaDB / MySQL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // generate cert | |
| @see https://mariadb.com/kb/en/library/certificate-creation-with-openssl/ | |
| // Add to my.ini | |
| @see https://mariadb.com/kb/en/library/securing-connections-for-client-and-server/ | |
| [mariadb] | |
| ssl_cert = D:/work/mysql-certs/server-cert.pem | |
| ssl_key = D:/work/mysql-certs/server-key.pem | |
| ssl_ca = D:/work/mysql-certs/cacert.pem | |
| // open hosts file | |
| // add the FQDN which we used to generate cacert.pem, for e.g. we used ClientCertOne as the FQDN for the cert. | |
| 127.0.0.1 ClientCertOne | |
| // to verify if ssl is used run below sql | |
| SHOW STATUS LIKE 'Ssl_cipher' | |
| // for PHP laravel | |
| dump( DB::select("SHOW STATUS LIKE 'Ssl_cipher'") ); | |
| // another useful link: https://www.digitalocean.com/community/tutorials/how-to-configure-ssl-tls-for-mysql-on-ubuntu-16-04 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment