- Data Structure
- Networking
- RDBMS
- Operating System
- Java
- MS Excel
- iOS
- HTML
- CSS
- Android
- Python
- C Programming
- C++
- C#
- MongoDB
- MySQL
- Javascript
- PHP
- Physics
- Chemistry
- Biology
- Mathematics
- English
- Economics
- Psychology
- Social Studies
- Fashion Studies
- Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
mysql_ssl_rsa_setup - Create SSL/RSA Files in MySQL
Let us understand mysql_ssl_rsa_setup program −
This program helps create the SSL certificate, key files and the RSA key-pair files that are required to support secure connections with the help of SSL and secure password exchange using RSA over unencrypted connections, if they are missing. The mysql_ssl_rsa_setup program can be used to create new SSL files if the existing ones have expired.
Invoking mysql_ssl_rsa_setup
The mysql_ssl_rsa_setup can be invoked as shown below −
shell> mysql_ssl_rsa_setup [options]
Some of the options include --datadir which is used to specify where to create the files, and the --verbose option to see the ‘openssl’ commands that mysql_ssl_rsa_setup executes.
The ‘mysql_ssl_rsa_setup’ command attempts to create SSL and RSA files with the help of a default set of file names. It works as shown below −
The mysql_ssl_rsa_setup checks for the openssl binary at the locations specified by the PATH environment variable. If openssl is not found, mysql_ssl_rsa_setup doesn’t take any action.
If openssl is present, mysql_ssl_rsa_setup looks up for the default SSL and RSA files in the MySQL data directory which is specified by the --datadir option, or which could be compiledin data directory if the --datadir option is not provided.
The mysql_ssl_rsa_setup checks the data directory by looking for SSL files with the following names −
ca.pem server-cert.pem server-key.pem
If any of the above mentioned files are present, mysql_ssl_rsa_setup creates no SSL files.
Else, it invokes the openssl to create the files, and a few additional files −
ca.pem (It is the self-signed CA certificate) ca-key.pem (It is the CA private key) server-cert.pem (It is the server certificate) server-key.pem (It is the server private key) client-cert.pem (It is the client certificate) client-key.pem (It is the client private key)
These files help secure client connections with the help of SSL.
The mysql_ssl_rsa_setup also checks the data directory for RSA files with the names as mentioned below −
private_key.pem (It is the private member of private/public key pair) public_key.pem (It is the public member of private/public key pair)