SSL Zertifikat selbst erstellen für MariaDB oder MySql

cd /etc/mysql/

openssl genrsa 2048 > ca-key.pem
openssl req -new -x509 -nodes -days 3650 -key ca-key.pem > ca-cert.pem

openssl req -newkey rsa:2048 -days 3560 -nodes -keyout server-key.pem > server-req.pem
openssl rsa -in server-key.pem -out server-key.pem
openssl x509 -req -in server-req.pem -days 3650 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem

openssl req -newkey rsa:2048 -days 3650 -nodes -keyout client-key.pem > client-req.pem
openssl rsa -in client-key.pem -out client-key.pem
openssl x509 -req -in client-req.pem -days 3650 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem

chmod 400 /etc/mysql/*.pem
chown mysql /etc/mysql/*.pem

 

my.cnf anpassen

ssl-ca=/etc/mysql/ca-cert.pem
ssl-cert=/etc/mysql/server-cert.pem
ssl-key=/etc/mysql/server-key.pem

MariaDB oder Mysql neustarten:

/etc/init.d/mysql restart

IT Service Zwilla in 68623 Lampertheim (Hofheim im Ried) ☎️ ?? 06241-5063185 ? info@zwilla.de