Configuring SSL for MariaDB involves several steps, from creating and generating the SSL certificate and key to configuring the MariaDB to use SSL.
Follow the steps below to configure your MariaDB to use SSL:
1. Create SSL Certificate and Key:
Open the terminal and navigate to the MariaDB directory. Use the OpenSSL suite to create a new certificate: \`\`\` openssl genrsa 2048 > server-key.pem openssl req -new -x509 -nodes -days 3600 -key server-key.pem -out server-cert.pem \`\`\` This will create a new private key (`server-key.pem`) and a new SSL certificate (`server-cert.pem`).1. Set the Ownership and Permissions:
Change the ownership of the key and certificate to `mysql`: \`\`\` chown mysql:mysql server-\* chmod 660 server-\* \`\`\`1. Configure MariaDB Server:
Open the MariaDB server configuration file. The path may vary depending on your Linux distribution (`/etc/mysql/my.cnf or /etc/my.cnf`). Insert these lines under the `[mysqld]` section: \`\`\` ssl-ca = /etc/mysql/ssl/server-cert.pem ssl-key = /etc/mysql/ssl/server-key.pem ssl-cert = /etc/mysql/ssl/server-cert.pem \`\`\` Save the file and exit.1. Restart MariaDB Server:
After configuring, restart the MariaDB server for the changes to take effect: Ubuntu/Debian systems: \`\`\` systemctl restart mariadb \`\`\` CentOS systems: \`\`\` systemctl restart mysqld \`\`\`1. Verify SSL Configuration:
Log into the MySQL/MariaDB client and execute the following command: \`\`\` SHOW GLOBAL VARIABLES LIKE ‘have\_ssl’; \`\`\` It should return `YES` if the MariaDB server is successfully configured with SSL.Please note that the necessary paths might be different according to your server configuration. Make sure the MariaDB user can read the certificates, and the certificate files are placed in the correct directories.
