- 论坛徽章:
- 0
|
MYSQL加密连接安装步骤
首先要下载MYSQL源代码包,进行安装:
shell> groupadd mysql
shell> useradd -g mysql mysql
shell> gunzip < mysql-VERSION.tar.gz | tar -xvf -
shell> cd mysql-VERSION
shell> ./configure --prefix=/usr/local/mysql --with –openssl --with -vio
//这个步骤就是上面说的configure MYSQL
shell> make
shell> make install
shell> cp support-files/my-medium.cnf /etc/my.cnf
shell> cd /usr/local/mysql
shell> bin/mysql_install_db --user=mysql
shell> chown -R root .
shell> chown -R mysql var
shell> chgrp -R mysql .
shell> bin/mysqld_safe --user=mysql &
这时MYSQL已安装完,接着修改mysql密码及访问权限
shell> cd /usr/local/mysql/bin/
shell> ./mysql -u root –p
mysql> INSERT INTO mysql.user VALUES ('%','root', PASSWORD('1qw23e'),'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','X509','','','',0,0,0,0);
其中user表的ssl_type字段值设为x509
然后要生成ssl证书并修改my.cnf,详见http://dev.mysql.com/doc/refman/5.0/en/secure-create-certs.html
重启一下mysql,加密连接就生效了。客户端连接mysql时就得提供ssl证书。 |
|