wiki:technical:percona
Различия
Показаны различия между двумя версиями страницы.
| Предыдущая версия справа и слеваПредыдущая версияСледующая версия | Предыдущая версия | ||
| wiki:technical:percona [2023/05/23 16:40] – [Добавляем пользователя MySQL] Diman | wiki:technical:percona [2023/05/23 23:32] (текущий) – [Генерация сертификатов] Diman | ||
|---|---|---|---|
| Строка 92: | Строка 92: | ||
| FLUSH PRIVILEGES; | FLUSH PRIVILEGES; | ||
| </ | </ | ||
| + | ==== Генерация сертификатов ==== | ||
| + | <code bash> | ||
| + | # Генерация сертификатов | ||
| + | mkdir / | ||
| + | # Generate CA key and certificate | ||
| + | # Generate the CA key file: | ||
| + | openssl genrsa 2048 > ca-key.pem | ||
| + | # Generate the CA certificate file: | ||
| + | openssl req -new -x509 -nodes -days 9999 -key ca-key.pem -out ca.pem | ||
| + | |||
| + | # Generate server key and certificate | ||
| + | # Generate the server key file: | ||
| + | openssl req -newkey rsa:2048 -days 9999 -nodes -keyout server-key.pem -out server-req.pem | ||
| + | # Remove the passphrase: | ||
| + | openssl rsa -in server-key.pem -out server-key.pem | ||
| + | # Generate the server certificate file: | ||
| + | openssl x509 -req -in server-req.pem -days 9999 -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem | ||
| + | |||
| + | # Generate client key and certificate | ||
| + | # Generate the client key file: | ||
| + | openssl req -newkey rsa:2048 -days 9999 -nodes -keyout client-key.pem -out client-req.pem | ||
| + | # Remove the passphrase: | ||
| + | openssl rsa -in client-key.pem -out client-key.pem | ||
| + | # Generate the client certificate file: | ||
| + | openssl x509 -req -in client-req.pem -days 9999 -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem | ||
| + | |||
| + | </ | ||
wiki/technical/percona.1684849214.txt.gz · Последнее изменение: 2023/05/23 16:40 — Diman