Friday, February 18, 2022

Setup Self Signed SSL/TLS on MySQL 8 | Secure MySQL 8

 in This Tutorial you will Learn " How To Setup / Secure Self Signed Certificate SSL/TLS on MySQL 8 On Rocky Linux 8
MySQL is an open-source relational database management system.    
Homepage - https://dev.mysql.com/                     
_________________________________________________________________________________________
Server - Os:  Rocky Linux 8.5  64Bit      | IP -192.168.1.60        |Hostname - server.yourdomain.com
_________________________________________________________________________________________
cat /etc/system-release ; hostname ; hostname -I ; dnf groupinstall "Development Tools" -y
dnf module -y install mysql:8.0
systemctl start mysqld ; systemctl enable --now mysqld ; mysql_secure_installation

mkdir /etc/mysql ; cd /etc/mysql ; openssl genrsa 2048 > ca-key.pem
openssl req -sha1 -new -x509 -nodes -days 3650 -key ca-key.pem > ca-cert.pem
openssl req -sha1 -newkey rsa:2048 -days 3650 -nodes -keyout server-key.pem > server-req.pem
openssl x509 -sha1 -req -in server-req.pem -days 3650 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
openssl rsa -in server-key.pem -out server-key.pem
chown -R mysql:mysql /etc/mysql

gedit /etc/my.cnf.d/mysql-server.cnf &>/dev/null
ssl-ca = /etc/mysql/ca-cert.pem
ssl-cert = /etc/mysql/server-cert.pem
ssl-key = /etc/mysql/server-key.pem
systemctl restart mysqld ; systemctl status mysqld

Verify SSL/TLS Status:-
mysql -u root -p --ssl-mode=required --protocol=tcp
show status like 'ssl_cipher';
show variables like '%ssl%';
status
_________________________________________________________________________________________

No comments:

Post a Comment