Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
mysql_ssl_rsa_setup - Create SSL/RSA Files in MySQL
Let us understand mysql_ssl_rsa_setup program −
This program helps create the SSL certificate, key files and the RSA key-pair files that are required to support secure connections with the help of SSL and secure password exchange using RSA over unencrypted connections, if they are missing. The mysql_ssl_rsa_setup program can be used to create new SSL files if the existing ones have expired.
Invoking mysql_ssl_rsa_setup
The mysql_ssl_rsa_setup can be invoked as shown below −
shell> mysql_ssl_rsa_setup [options]
Some of the options include --datadir which is used to specify where to create the files, and the --verbose option to see the ‘openssl’ commands that mysql_ssl_rsa_setup executes.
The ‘mysql_ssl_rsa_setup’ command attempts to create SSL and RSA files with the help of a default set of file names. It works as shown below −
The mysql_ssl_rsa_setup checks for the openssl binary at the locations specified by the PATH environment variable. If openssl is not found, mysql_ssl_rsa_setup doesn’t take any action.
If openssl is present, mysql_ssl_rsa_setup looks up for the default SSL and RSA files in the MySQL data directory which is specified by the --datadir option, or which could be compiledin data directory if the --datadir option is not provided.
The mysql_ssl_rsa_setup checks the data directory by looking for SSL files with the following names −
ca.pem server-cert.pem server-key.pem
If any of the above mentioned files are present, mysql_ssl_rsa_setup creates no SSL files.
Else, it invokes the openssl to create the files, and a few additional files −
ca.pem (It is the self-signed CA certificate) ca-key.pem (It is the CA private key) server-cert.pem (It is the server certificate) server-key.pem (It is the server private key) client-cert.pem (It is the client certificate) client-key.pem (It is the client private key)
These files help secure client connections with the help of SSL.
The mysql_ssl_rsa_setup also checks the data directory for RSA files with the names as mentioned below −
private_key.pem (It is the private member of private/public key pair) public_key.pem (It is the public member of private/public key pair)
484 Views
