mysql_ssl_rsa_setup - Create SSL/RSA files in MySQL

Let us know about mysql_ssl_rsa_setup program−

This program helps in creating SSL certificate, key file and RSA key pair file to support security using SSL connection, and uses RSA over an unencrypted connection for secure password exchange if they are missing. If the existing SSL file has expired, you can use the mysql_ssl_rsa_setup program to create a new SSL file.

Calling mysql_ssl_rsa_setup

Mysql_ssl_rsa_setup can be called as follows:

shell> mysql_ssl_rsa_setup [options]

Some of the options include --datadir, which specifies the location where the file is created, and the --verbose option , used to view the 'openssl' command executed by mysql_ssl_rsa_setup.

The 'mysql_ssl_rsa_setup' command attempts to create SSL and RSA files using the default set of file names. Here's how it works:

• mysql_ssl_rsa_setup checks for the openssl binary at the location specified by the PATH environment variable. If openssl is not found, mysql_ssl_rsa_setup does nothing.

• If openssl is present, mysql_ssl_rsa_setup looks for default SSL and RSA files in the MySQL data directory specified by the --datadir option, or if the --datadir option is not provided. The data directory specified at compile time.

mysql_ssl_rsa_setup Check the data directory by looking for an SSL file with the following name:

ca.pem
server-cert.pem
server-key.pem

mysql_ssl_rsa_setup will not create an SSL file if any of the files mentioned above exist.

Otherwise, it calls openssl to create these files, and also creates some additional files −

ca.pem (It is the self-signed CA certificate)
ca-key.pem (It is the CA private key)
server-cert.pem (It is the server certificate)
server-key.pem (It is the server private key)
client-cert.pem (It is the client certificate)
client-key.pem (It is the client private key)

These files help secure the client connection over SSL.

mysql_ssl_rsa_setup will also check the RSA file in the data directory, the file name is as follows −

private_key.pem (It is the private member of private/public key pair)
public_key.pem (It is the public member of private/public key pair)

The above is the detailed content of mysql_ssl_rsa_setup - Create SSL/RSA files in MySQL. For more information, please follow other related articles on the PHP Chinese website!