我在主机上生成了这些文件:
openssl genrsa 4096 > ca-key.pem
openssl req -new -x509 -nodes -days 9999 -key ca-key.pem > ca-cert.pem
openssl req -newkey rsa:4096 -days 9999 -nodes -keyout server-key.pem > server-req.pem
openssl x509 -req -in server-req.pem -days 9999 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
openssl req -newkey rsa:4096 -days 9999 -nodes -keyout client-key.pem > client-req.pem
openssl x509 -req -in client-req.pem -days 9999 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem
然后更新/etc/mysql/mysql.conf.d/mysqld.cnf
如下:
[mysqld]
server-id = 1
binlog-format = mixed
log-bin = mysql-bin
innodb_flush_log_at_trx_commit = 1
sync_binlog=1
ssl
ssl-ca=/etc/mysql/certs/ca-cert.pem
ssl-cert=/etc/mysql/certs/server-cert.pem
ssl-key=/etc/mysql/certs/server-key.pem
然后我将 ca-cert.pem、client-cert.pem 和 client-key.pem 复制到我的从机/etc/mysql/certs
我的问题是当我逃离奴隶时我无法沟通
mysql -h 192.168.1.53 -u replication -p --ssl-ca=/etc/mysql/certs/ca-cert.pem --ssl-cert=/etc/mysql/certs/client-cert.pem --ssl-key=/etc/mysql/certs/client-key.pem
收到错误
ERROR 2026 (HY000): SSL connection error: SSL is required but the server doesn't support it
问题是什么?如何修复?我也尝试mysql -h localhost -u replication -p --ssl-ca=/etc/mysql/certs/ca-cert.pem --ssl-cert=/etc/mysql/certs/client-cert.pem --ssl-key=/etc/mysql/certs/client-key.pem
在 master 中修复,但出现同样的错误