当前位置:七道奇文章资讯数据防范MySQL防范
日期:2011-01-25 22:43:00  来源:本站整理

<b>Linux下安装支持ssl衔接的Mysql</b>[MySQL防范]

赞助商链接



  本文“<b>Linux下安装支持ssl衔接的Mysql</b>[MySQL防范]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
1. 安装 OpenSSL:

下载 OpenSSL Version 0.9.6 (www.openssl.org)

shell> zcat 0.96l.tar.gz | tar xvf -
shell> ./config
shell> make
shell> make install

2. 安装 MySQL:

下载 MySQL Version 4.0.14 Source (mysql-4.0.14.tar.gz)

shell> groupadd mysql
shell> useradd -g mysql mysql

shell> gunzip < mysql-VERSION.tar.gz | tar -xvf -
shell> cd mysql-VERSION

shell> ./configure --prefix=/usr/local/mysql --with –openssl --with -vio
shell> make
shell> make install
shell> cp support-files/my-medium.cnf /etc/my.cnf
shell> cd /usr/local/mysql
shell> bin/mysql_install_db --user=mysql
shell> chown -R root .
shell> chown -R mysql var
shell> chgrp -R mysql .

shell> bin/mysqld_safe --user=mysql &

3. 改正mysql密码及拜候权限 (按照需求.大概造成安全问题)

shell> cd /usr/local/mysql/bin/
shell> ./mysql -u root –p

mysql> INSERT INTO mysql.user VALUES ('%','root', PASSWORD('1qw23e'),'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);

4. 生成SSL证书

DIR=`pwd`/openssl
PRIV=$DIR/private

mkdir $DIR $PRIV $DIR/newcerts
cp /usr/share/ssl/openssl.cnf $DIR
replace ./demoCA $DIR -- $DIR/openssl.cnf

# Create necessary files: $database, $serial and $new_certs_dir
# directory (optional)

touch $DIR/index.txt
echo "01" > $DIR/serial

# Generation of Certificate Authority(CA)
openssl req -new -x509 -keyout $PRIV/cakey.pem -out $DIR/cacert.pem \
-config $DIR/openssl.cnf

Note : if you were requested to enter "PEM pass", please enter different "PEM pass" in the following steps.

# Create server request and key
openssl req -new -keyout $DIR/server-key.pem -out \
$DIR/server-req.pem -days 3600 -config $DIR/openssl.cnf

# Remove the passphrase from the key (optional)
openssl rsa -in $DIR/server-key.pem -out $DIR/server-key.pem

# Sign server cert
openssl ca -policy policy_anything -out $DIR/server-cert.pem \
-config $DIR/openssl.cnf -infiles $DIR/server-req.pem

# Create client request and key
openssl req -new -keyout $DIR/client-key.pem -out \
$DIR/client-req.pem -days 3600 -config $DIR/openssl.cnf

# Remove a passphrase from the key (optional)
openssl rsa -in $DIR/client-key.pem -out $DIR/client-key.pem

# Sign client cert
openssl ca -policy policy_anything -out $DIR/client-cert.pem \
-config $DIR/openssl.cnf -infiles $DIR/client-req.pem


5. 改正选项文

/etc/my.cnf
[client]
ssl-ca=$DIR/cacert.pem
ssl-cert=$DIR/client-cert.pem
ssl-key=$DIR/client-key.pem
[mysqld]
ssl-ca=$DIR/cacert.pem
ssl-cert=$DIR/server-cert.pem
ssl-key=$DIR/server-key.pem

6. 测试启动mysql

$DIR 是选项文件my.cnf 的途径
shell> mysqld --defaults-file=$DIR/my.cnf &
Then invoke a client program using the same option file:
shell> mysql --defaults-file=$DIR/my.cnf

履行以下语句,假如返回以下后果,安装完好成功

mysql> SHOW VARIABLES LIKE 'have_openssl';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| have_openssl | YES |
+---------------+-------+

7. 启动MySQL daemon

/usr/local/libexec/mysqld -u mysql &  大概 /usr/local/sbin/mysqld &   以上是“<b>Linux下安装支持ssl衔接的Mysql</b>[MySQL防范]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:
  • <b>hosts是什么 hosts文件在什么位置 若何改正hosts</b>
  • <b>在 Windows 8 中手动安装语言包</b>
  • <b>五个常见 PHP数据库问题</b>
  • Windows中Alt键的12个高效快速的利用本领介绍
  • <b>MySQL ORDER BY 的实现解析</b>
  • <b>详解MySQL存储历程参数有三种范例(in、out、inout)</b>
  • <b>Win8系统恢复出来经典的开始菜单的办法</b>
  • <b>Win8系统花屏怎么办 Win8系统花屏的办理办法</b>
  • <b>Windows 7系统下无线网卡安装</b>
  • <b>为什么 Linux不需求碎片整理</b>
  • <b>Windows 8中删除账户的几种办法(图)</b>
  • <b>教你如安在win7下配置路由器</b>
  • 本文地址: 与您的QQ/BBS好友分享!
    • 好的评价 如果您觉得此文章好,就请您
        0%(0)
    • 差的评价 如果您觉得此文章差,就请您
        0%(0)

    文章评论评论内容只代表网友观点,与本站立场无关!

       评论摘要(共 0 条,得分 0 分,平均 0 分) 查看完整评论
    Copyright © 2020-2022 www.xiamiku.com. All Rights Reserved .