Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Ho to set up SSL env
- docker-compose up -d mysql80X
- exec inside
- find /var/lib/mysql -name '*.pem' -ls
- cd /etc/mysql
- require_secure_transport = ON
- restart container
- CREATE USER 'remote_user'@'%' IDENTIFIED BY 'password' REQUIRE SSL;
- CREATE DATABASE example;
- GRANT ALL ON example.* TO 'remote_user'@'%;
- FLUSH PRIVILEGES;
- ALTER USER 'remote_user'@'%' REQUIRE X509;
- FLUSH PRIVILEGES;
- mysql -u remote_user -p -h mysql_server_IP --ssl-ca=~/client-ssl/ca.pem --ssl-cert=~/client-ssl/client-cert.pem --ssl-key=~/client-ssl/client-key.pem
- jdbc:mysql://192.168.99.100:33081/example?useSSL=true&requireSSL=true
- ./mysql.exe -u remote_user -p -h 192.168.99.100 --port=33081 --ssl-ca=/e/__tmp/mysqlssl/ca.pem --ssl-cert=/e/_
- _tmp/mysqlssl/client-cert.pem --ssl-key=/e/__tmp/mysqlssl/client-key.pem
- -- optional
- ./keytool.exe -keystore /c/Program\ Files/JetBrains/DataGrip\ 2018.3.2/jre64/lib/security/cacerts -importcert
- -alias mysqlssl -file /e/__tmp/mysqlssl/ca.pem
- ./keytool.exe -keystore /c/Program\ Files/JetBrains/DataGrip\ 2018.3.2/jre64/lib/security/cacerts -importcert
- -alias mysqlssl -file /e/__tmp/mysqlssl/ca.pem -keystore /e/__tmp/mysqlssl/truststore.jks
- -Djavax.net.ssl.trustStore="E:\__tmp\mysqlssl\truststore.jks" -Djavax.net.ssl.trustStorePassword=password -Djavax.net.debug=all -Djavax.net.ssl.keyStore="E:\__tmp\mysqlssl\truststore.jks" -Djavax.net.ssl.keyStorePassword=password -Djdk.tls.client.protocols="TLSv1"
Add Comment
Please, Sign In to add comment
