CODEWITHSUNDEEP
mysqlsecurityssl
Uday
Uday

Reputation: 1490

Mysql: How can i know whether my mysql binary has ssl support or not

I am trying to secure my db servers secured on the live setup. I have read it like we can enable ssl in mysql to make the data transfer over the network between master and slave to be encrypted.

Shall someone help on how can i know whether i have the ssl support or not. If i have how can i enable this as i cant compile a binary again with --have-ssl

Thanks in advance. Regards, UDAY

Upvotes: 3

Views: 5740

Answers (2)

Fütemire
Fütemire

Reputation: 1893

To add to @BluesRockAddict answer, on a running server you can also do the following...

View the paths to your SSL Certificates and Keys..

mysql> SHOW VARIABLES LIKE 'SSL%';

This will show you the path to the SSL certs and keys that your MySql connection should use. These paths are required in order for the have_ssl and have_openssl to be ENABLED, assuming openssl is installed.

Example

View SSL paths.

If the ssl paths are empty then you will need to create the required certificates and restart your MySql service. This site has a pretty good explanation on how to do this, How to enable SSL for MySQL server and client. Once you do that the have_ssl and have_openssl should appear ENABLED.

Check to see if SSL is in use..

mysql> \s

Look for the this line...

SSL:         Not in use

Example

View if SSL is in use.

Upvotes: 1

BluesRockAddict
BluesRockAddict

Reputation: 15683

Try starting MySQL with --ssl option:

mysqld --ssl --help

If the server does not support SSL, you'll see an error:

[ERROR] mysqld: unknown option '--ssl'

On running server, you can check have_ssl or have_openssl variables:

mysql> SHOW VARIABLES LIKE 'have_ssl';
mysql> SHOW VARIABLES LIKE 'have_openssl';

Upvotes: 6

Related Questions