mysql with ssl 5.7_MySQL5.7的搭建以及SSL证书

Centos7 安装MySQL 5.7 (通用二进制包)

1.1  下载软件包

1.2  安装

官方文档:https://dev.mysql.com/doc/refman/5.7/en/binary-installation.htmlpython

[root@db01 src]# ll

total 638680

-rw-r--r-- 1 root root 654007697 Aug 28 18:39 mysql-5.7.17-linux-glibc2.5-x86_64.tar.gz

[root@db01 src]# tar xf mysql-5.7.17-linux-glibc2.5-x86_64.tar.gz

[root@db01 src]# ll

total 638680

drwxr-xr-x 9 root root 120 Aug 28 18:45 mysql-5.7.17-linux-glibc2.5-x86_64

-rw-r--r-- 1 root root 654007697 Aug 28 18:39 mysql-5.7.17-linux-glibc2.5-x86_64.tar.gz

[root@db01 src]# mv mysql-5.7.17-linux-glibc2.5-x86_64 ../mysql

[root@db01 src]# useradd mysql -s /sbin/nologin -M

[root@db01 src]# mkdir -p /data/mysql

[root@db01 src]# chown -R mysql.mysql /data/mysql/ /usr/local/mysql/

[root@db01 src]# cd ../mysql/

[root@db01 mysql]# ./bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/data/mysql

2018-08-28T10:47:23.429133Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).

2018-08-28T10:47:26.301233Z 0 [Warning] InnoDB: New log files created, LSN=45790

2018-08-28T10:47:26.578937Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.

2018-08-28T10:47:26.728515Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: c0e8dc08-aaaf-11e8-b620-000c29605a1f.

2018-08-28T10:47:26.773967Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.

2018-08-28T10:47:26.785100Z 1 [Note] A temporary password is generated for root@localhost: 2F=6?08hUw5J

[root@db01 mysql]# \cp support-files/mysql.server /etc/init.d/mysqld

[root@db01 data]# cat /etc/my.cnf

[client]

port = 3306

[mysqld]

port = 3306

pid_file = /data/mysql/mysql.pid

datadir = /data/mysql

ssl-ca=/data/mysql/ca.pem

ssl-cert=/data/mysql/server-cert.pem

ssl-key=/data/mysql/server-key.pem

default_storage_engine = InnoDB

max_allowed_packet = 512M

max_connections = 2048

open_files_limit = 65535

skip-name-resolve

lower_case_table_names=1

innodb_buffer_pool_size = 512M

innodb_file_per_table = 1

innodb_flush_log_at_trx_commit = 0

key_buffer_size = 64M

log-error = /data/mysql/mysql_error.log

log-bin = /data/mysql/mysql-bin

slow_query_log = 1

long_query_time = 5

tmp_table_size = 32M

max_heap_table_size = 32M

query_cache_type = 0

query_cache_size = 0

server-id=1

[root@db01 ~]# echo "export PATH=$PATH:/usr/local/mysql/bin" >> /etc/profile

[root@db01 ~]# source /etc/profile

[root@db01 ~]# mysql -uroot -p'2F=6?08hUw5J'

#生成ssl证书

[root@db01 ~]# mysql_ssl_rsa_setup --basedir=/usr/local/mysql --datadir=/data/mysql

[root@db01 ~]# chown -R mysql.mysql /data/mysql

mysql> show variables like "ssl%";

ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.

mysql> show variables like "ssl%";

ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.

mysql> set password = password("123456");

Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> show variables like "%ssl%";

+---------------+-----------------------------+

| Variable_name | Value |

+---------------+-----------------------------+

| have_openssl | YES |

| have_ssl | YES |

| ssl_ca | /data/mysql/ca.pem |

| ssl_capath | |

| ssl_cert | /data/mysql/server-cert.pem |

| ssl_cipher | |

| ssl_crl | |

| ssl_crlpath | |

| ssl_key | /data/mysql/server-key.pem |

+---------------+-----------------------------+

9 rows in set (0.00 sec)

你可能感兴趣的:(mysql,with,ssl,5.7)