Activating SSL on clients
To connect through SSL, ensure you have set up the user’s grant with ‘REQUIRE SSL’ syntax, similar to below:
$ CREATE SCHEMA testdb;
$ GRANT ALL PRIVILEGES ON testdb.* TO 'test'@'127.0.0.1' IDENTIFIED BY 'password' REQUIRE SSL;
$ FLUSH PRIVILEGES;
Test the console connections by using the following command:
$ mysql -u test-p -h 127.0.0.1 -P3306 --ssl-ca=/etc/ssl/mysql/ca-cert.pem --ssl-cert=/etc/ssl/mysql/client-cert.pem --ssl-key=/etc/ssl/mysql/client-key.pem
Or specify the SSL configuration options inside my.cnf (or .my.cnf for user’s option file) under [client] directive:
[client]
ssl-ca=/etc/ssl/mysql/ca-cert.pem
ssl-cert=/etc/ssl/mysql/client-cert.pem
ssl-key=/etc/ssl/mysql/client-key.pem
All connections from client applications now fully encrypted.
To connect through SSL, ensure you have set up the user’s grant with ‘REQUIRE SSL’ syntax, similar to below:
$ CREATE SCHEMA testdb;
$ GRANT ALL PRIVILEGES ON testdb.* TO 'test'@'127.0.0.1' IDENTIFIED BY 'password' REQUIRE SSL;
$ FLUSH PRIVILEGES;
Test the console connections by using the following command:
$ mysql -u test-p -h 127.0.0.1 -P3306 --ssl-ca=/etc/ssl/mysql/ca-cert.pem --ssl-cert=/etc/ssl/mysql/client-cert.pem --ssl-key=/etc/ssl/mysql/client-key.pem
Or specify the SSL configuration options inside my.cnf (or .my.cnf for user’s option file) under [client] directive:
[client]
ssl-ca=/etc/ssl/mysql/ca-cert.pem
ssl-cert=/etc/ssl/mysql/client-cert.pem
ssl-key=/etc/ssl/mysql/client-key.pem
All connections from client applications now fully encrypted.
