Shulou(Shulou.com)06/01 Report--

Environment:

CentOS7.4

CA mainframe one

Two mysql hosts

Database: MariaDB- 5.5I. prepare certificate files

1. Generate CA self-signed certificate

Mkdir / etc/my.cnf.d/sslcd / etc/my.cnf.d/sslopenssl genrsa 2048 > cakey.pemchmod 600cakey.pemopenssl req-new-x509-key cakey.pem-days 3650-out cacert.pem

two。 Generate master private key and certificate request

Openssl req-newkey rsa:2048-days 365-nodes-keyout master.key > master.csr

3. Issue a certificate to master

Openssl x509-req-in master.csr-CA cacert.pem-CAkey cakey.pem-set_serial 01 > master.crt

4. Generate slave private key and certificate request

Openssl req-newkey rsa:2048-days 365-nodes-keyout slave.key > slave.csr

5. Issue a certificate to slave

Openssl x509-req-in slave.csr-CA cacert.pem-CAkey cakey.pem-set_serial 02 > slave.crt

6. Distribute certificate files to master and slave respectively

Master:

Slave:

II. Configuration of the main library

# modify / etc/my.cnf

# add configuration information such as ssl

Create a copy user from the library and only allow encrypted connections through ssl:

Mysql > grant replication slave on *. * to 'repluser'@'192.168.1.%' identified by' mysql' require ssl; III. Slave library configuration

# modify / etc/my.cnf

# add configuration information such as ssl

Configure the information to connect to the main library:

Change master to master_host='192.168.1.2',master_user='repluser',master_password='mysql',master_log_file='mariadb-bin.000001',master_log_pos=245,master_ssl=1;start slave;show slave status\ G

Fourth, test whether the master and slave are synchronized.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.