6. SSL连接测试
* 创建用户并指定 SSL 连接
mysql> grant all on *.* to 'ssl_test'@'%' identified by '123' require SSL;
Query OK, 0 rows affected (0.00 sec)
* 通过密码连接测试
[root@MySQL ~]# mysql -h 192.168.60.129 -ussl_test -p'123'
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'ssl_test'@'192.168.60.129' (using password: YES)
* 通过客户端密钥与证书SSL + 密码连接测试
[root@MySQL ~]# mysql -h 192.168.60.129 -ussl_test --ssl-cert=client-cert.pem --ssl-key=client-key.pem
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 5.6.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> \s
--------------
mysql Ver 14.14 Distrib 5.6.36, for linux-glibc2.5 (x86_64) using EditLine wrapper
Connection id: 20
Current database:
Current user: ssl_test@192.168.60.129
SSL: Cipher in use is DHE-RSA-AES256-SHA
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.6.36 MySQL Community Server (GPL)
Protocol version: 10
Connection: 192.168.60.129 via TCP/IP
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
TCP port: 3306
Uptime: 16 min 38 sec
Threads: 1 Questions: 35 Slow queries: 0 Opens: 67 Flush tables: 1 Open tables: 60 Queries per second avg: 0.035