Setup MariaDB Self Signed SSL/TLS | Secure Mariadb 10

 in This Tutorial you will Learn "  How To Configure / Setup MariaDB Self Signed SSL/TLS on Rocky Linux 8"
MariaDB Server is one of the most popular open source relational databases.
Homepage - https://mariadb.com/
MariaDB Server Documentation - https://mariadb.com/kb/en/securing-connections-for-client-and-server/
_________________________________________________________________________________________
Server - Os:  Rocky Linux 8.5  64Bit      | IP -192.168.1.60        |Hostname - server.yourdomain.com
_________________________________________________________________________________________
cat /etc/system-release ; dnf groupinstall "Development Tools" -y
dnf module -y install mariadb:10.3
systemctl enable --now mariadb ; systemctl start mariadb ; mysql_secure_installation
gedit /etc/my.cnf.d/charaset.cnf &>/dev/null
[mysqld]
character-set-server = utf8mb4
[client]
default-character-set = utf8mb4

mkdir /etc/mysql ; cd /etc/mysql ; openssl genrsa 2048 > ca-key.pem
openssl req -sha1 -new -x509 -nodes -days 3650 -key ca-key.pem > ca-cert.pem
openssl req -sha1 -newkey rsa:2048 -days 3650 -nodes -keyout server-key.pem > server-req.pem
openssl x509 -sha1 -req -in server-req.pem -days 3650 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
openssl rsa -in server-key.pem -out server-key.pem ; chown -R mysql:mysql /etc/mysql

gedit /etc/my.cnf.d/mariadb-server.cnf &>/dev/null
ssl-ca = /etc/mysql/ca-cert.pem
ssl-cert = /etc/mysql/server-cert.pem
ssl-key = /etc/mysql/server-key.pem
systemctl restart mariadb ; systemctl status mariadb
firewall-cmd --add-service=mysql --permanent ; firewall-cmd --reload
mysql -u root -p
show variables like '%ssl%';
mysql -u root -p --ssl
show status like 'ssl_cipher';
exit
status

_________________________________________________________________________________________