;; Remove the passphrase client-key (optional) opensslrsa-inclient-key.pem-outclient-key.pem;; signed client certificate opensslca-policypolicy_anything-outclient-cert.pem-configopenssl.cnf-infilesclient-req.pem # Sampleoutput: # Usingconfigurationfrom/usr/local/EnterPEMpassphrase myssl/openssl.cn #: # Checkthattherequestmatchesthesignature # Signatureok # TheSubjectsDistinguishedNameisasfollows # countryName: PRINTABLE: ' CN ' # organizationName: PRINTABLE: ' CenteurCA ' # commonName: PRINTABLE: ' MySQLuser ' # CertificateistobecertifieduntilMay1816 08: 202006GMT # (365days) # Signthecertificate? [y/n]: y ### 1outof1certificaterequestscertified, commit? [y/n] y # Writeoutdatabasewith1newentries # DataBaseUpdated modify/etc/my.cnf, add the following content: [client] ssl-ca =/usr/local/myssl/cacert.pem ssl-cert =/usr/local/myssl/client-cert.pem ssl-key =/usr/local/myssl/client-key.pem [mysqld] ssl-ca =/usr/local/myssl/cacert.pem ssl-cert =/usr/local/myssl/server-cert.pem ssl-key =/usr/local/myssl/server-key.pem restart mysql service/usr/local/etc/rc.d/mysql-serverrestart
No comments:
Post a Comment