How MySQL5.6 deploys the TLS method 04/06 Update SLTechnology News&Howtos

How MySQL5.6 deploys the TLS method

2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to deploy the TLS method in MySQL5.6. The things involved are learned from the theoretical knowledge. There are many books and documents for your reference. From the perspective of practical significance, the accumulated practical experience for many years can be shared with you.

Note: omit the installation process of MySQL5.6

[root@localhost] # mysql-uroot-pEnter password: Welcome to the MySQL monitor. Commands end with; or\ g.Your MySQL connection id is 2Server version: 5.6.40 Source distributionCopyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or'\ h' for help. Type'\ c'to clear the current input statement.

< O_eiq(%K2R#-8DE:#?MOZBI)ua":n+S1JZlFP*Z*4[root@localhost ~]# tshark -ni lo -R "tcp.dstport eq 3306"tshark: -R without -2 is deprecated. For single-pass filtering use -Y.Running as user "root" and group "root". This could be dangerous.Capturing on 'Loopback' 1 0.000000000 127.0.0.1 ->

127.0.0.1 TCP 74 43154 > 3306 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM=1 TSval=8184814 TSecr=0 WS=128 3 0.000092859 127.0.0.1-> 127.0.0.1 TCP 66 43154 > 3306 [ACK] Seq=1 Ack=1 Win=43776 Len=0 TSval=8184814 TSecr=8184814 5 0.000434952 127.0.0.1-> 127.0.1 TCP 66 43154 > 3306 [ACK] Seq=1 Ack=79 Win=43776 Len=0 TSval=8184814 TSecr=8184814 6 0.000604778 127.0.0.1-> 127.0.0.1 MySQL 102 Login Request user= 8 0.003121269 127.0.0.1-> 127.0.0.1 TCP 247 [TCP segment of a reassembled PDU] 11 0.017109037 127.0.0.1-> 127.0.0.1 TCP 66 43154 > 3306 [ACK] Seq=218 Ack=2894 Win=174720 Len=0 TSval=8184831 TSecr=8184820 12 0.025592782 127.0.0.1-> 127.0.0.1 TCP 404 [TCP segment of a reassembled PDU] 14 0.029730886 127.0.0.1-> 127.0.0.1 0.0.1 TCP 332 [TCP segment of a reassembled PDU] 16 0.030049352 127.0.0.1-> 127.0.0.1 TCP 172 [TCP segment of a reassembled PDU] 18 0.071404170 127.0.0.1-> 127.0.0.1 TCP 66 43154 > 3306 [ACK] Seq=928 Ack=3356 Win=185984 Len=0 TSval=8184885 TSecr=8184844 19 11.507220009 127.0.0.1-> 127.0.0.1 TCP 156 [TCP segment of a reassembled PDU] 21 11. 507794338 127.0.0.1-> 127.0.0.1 TCP 66 43154 > 3306 [ACK] Seq=1018 Ack=3574 Win=191616 Len=0 TSval=8196321 TSecr=8196321

MySQL5.6 can only support TLSv1, not the later version of TLS protocol.

[root@localhost certs] # openssl genrsa-out client01.key 2048Generating RSA private key 2048 bit long modulus.+++.+++e is 65537 (0x10001) [root@localhost certs] # openssl req-new-key client01.key-out client01.csr-subj / C=CN/ST=BeiJing/L=BeiJing/O=mysqlDB/OU=mysql/CN=mysql_cli01/emailAddress=mysqladmin@test.com [root@localhost certs] # openssl x509-req-sha256-days-CA mysql_ca.crt-CAkey mysql_ca_rsa.key-CAcreateserial- The total amount of in client01.csr-out client01.crtSignature oksubject=/C=CN/ST=BeiJing/L=BeiJing/O=mysqlDB/OU=mysql/CN=mysql_cli01/emailAddress=mysqladmin@test.comGetting CA Private Key [root@localhost certs] # ll is 36m / r / r / m / r / r 1 mysql mysql 1302 December 18 15:55 client01.crt-rw-r--r--. 1 mysql mysql 1058 December 18 15:54 client01.csr-rw-r--r--. 1 mysql mysql 1679 December 18 15:54 client01.key-rw-r--r--. 1 mysql mysql 1415 December 18 14:44 mysql_ca.crt-rw-r--r--. 1 mysql mysql 1679 December 18 14:43 mysql_ca_rsa.key-rw-r--r--. 1 mysql mysql 17 December 18 15:55 mysql_ca.srl-rw-r--r--. 1 mysql mysql 1675 December 18 14:45 mysql_rsa.key-rw-r--r--. 1 mysql mysql 1306 December 18 14:46 mysql_server.crt-rw-r--r--. 1 mysql mysql 1058 December 18 14:45 mysql_ server. CSR [root @ localhost ~] # mysql-u tlstest-- ssl-ca=/project/mysql5.6/certs/mysql_ca.crt-- ssl=1-- ssl-cert=/project/mysql5.6/certs/client01.crt-- ssl-key=/project/mysql5.6/certs/client01.key-pEnter password: Welcome to the MySQL monitor. Commands end with; or\ g.Your MySQL connection id is 28Server version: 5.6.40 Source distributionCopyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or'\ h' for help. Type'\ c'to clear the current input statement.

Mysql >

After reading the above introduction of how MySQL5.6 deploys TLS, I hope it can bring some help to everyone in practical application. Due to the limited space in this article, there will inevitably be deficiencies and areas that need to be supplemented. You can continue to pay attention to the industry information section and will update your industry news and knowledge regularly. If you need more professional answers, you can contact us on the official website for 24-hour pre-sales and after-sales to help you answer questions at any time.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.