MariaDB is a fork of the MySQL database management system that is designed to be drop-in compatible with MySQL. You can set up SSL (Secure Sockets Layer) to encrypt the connection between the MariaDB server and clients, and secure the connection by allowing only authorized clients to connect to the server.
To set up MariaDB SSL and secure connections from clients, follow these steps:
To install MariaDB on your system, you can use the package manager of your Linux distribution. For example, on Ubuntu or Debian, you can use the following command:
refer to:ttualuri.comsudo apt-get install mariadb-server
On CentOS or Fedora, you can use the following command:
sudo yum install mariadb-server
To use SSL with MariaDB, you need to generate SSL certificates and keys. You can use the openssl command to generate a self-signed certificate and key.
Run the following command to generate a self-signed certificate and key:
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -keyout /etc/mysql/ssl/mysql.key -out /etc/mysql/ssl/mysql.crt
This will generate a certificate and key in the /etc/mysql/ssl directory, which will be valid for 365 days.
To configure MariaDB to use SSL, you need to edit the MariaDB configuration file my.cnf. You can find the configuration file in the /etc/mysql directory.
Open the my.cnf file in a text editor and add the following lines:
[mysqld] ssl-ca=/etc/mysql/ssl/mysql.crt ssl-cert=/etc/mysql/ssl/mysql.crt ssl-key=/etc/mysql/ssl/mysql.key
This will tell MariaDB to use the SSL certificate and key that you generated in step 2.
After you have configured MariaDB to use SSL, you need to restart the MariaDB service to apply the changes. On Ubuntu or Debian, you can use the following command to restart MariaDB:
sudo service mysql restart
On CentOS or Fedora, you can use the following command:
sudo systemctl restart mariadb
To secure the MariaDB connection and allow only authorized clients to connect to the server, you can use the mysql_secure_installation script. This script will prompt you to set a root password, remove anonymous users, and disable remote root logins.
Run the following command to secure the MariaDB connection:
sudo mysql_secure_installation
To test the SSL connection, you can use the mysql command-line client and specify the --ssl option. For example, to connect to the MariaDB server using SSL, you can use the following command:
mysql -u root -p --ssl
This will prompt you for the root password and connect to the MariaDB server using SSL.