[Ach] Feedback to applied-crypto-hardening.pdf - Database Systems - MySQL
Torge Riedel
torgeriedel at gmx.de
Fri Dec 22 13:50:00 CET 2017
Hi list,
continuing my feedback with Database Systems / MySQL:
# cat /etc/os-release
NAME="Ubuntu"
VERSION="16.04.3 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.3 LTS"
# mysql --version
mysql Ver 14.14 Distrib 5.7.20, for Linux (x86_64) using EditLine wrapper
The guide is working for me. But I'm not sure whether it should be
ssl=1
And - this is maybe out-of-scope - if you want to use Let's Encrypt certs for MySQL, do the following:
mkdir -p /etc/mysql/certs
openssl rsa -in /etc/letsencrypt/live/<mydomain>/privkey.pem -out /etc/mysql/certs/privkey.pem
cp /etc/letsencrypt/live/<mydomain>/cert.pem /etc/mysql/certs/
and configure MySQL like this:
#ssl-ca=/etc/mysql/certs/ca.pem
ssl-cert=/etc/mysql/certs/cert.pem
ssl-key=/etc/mysql/certs/privkey.pem
Regards
Torge
More information about the Ach
mailing list