MySQL Variables auto_generate_certs 数据库 参数变量解释及正确配置使用
本站中文解释
MySQL参数变量auto_generate_certs用于控制MySQL是否会自动生成SSL/TLS证书以用于安全连接。如果这个变量设置为ON,MySQL将会生成SSL/TLS证书,而不需要使用外部证书。
要设置这个变量,首先可在MySQL服务器的my.cnf配置文件中添加如下的语句:
auto_generate_certs=ON
之后,需要重启MySQL服务以使变量生效。
官方英文解释
auto_generate_certs
| Command-Line Format | --auto-generate-certs[={OFF|ON}] |
|---|---|
| System Variable | auto_generate_certs |
| Scope | Global |
| Dynamic | No |
| Type | Boolean |
| Default Value | ON |
This variable is available if the server was compiled using
OpenSSL (see Section 6.3.4, “SSL Library-Dependent Capabilities”). It controls
whether the server autogenerates SSL key and certificate files
in the data directory, if they do not already exist.
At startup, the server automatically generates server-side and
client-side SSL certificate and key files in the data
directory if the
auto_generate_certs system
variable is enabled, no SSL options other than
--ssl are specified, and the
server-side SSL files are missing from the data directory.
These files enable secure client connections using SSL; see
Section 6.3.1, “Configuring MySQL to Use Encrypted Connections”.
For more information about SSL file autogeneration, including
file names and characteristics, see
Section 6.3.3.1, “Creating SSL and RSA Certificates and Keys using MySQL”
The
sha256_password_auto_generate_rsa_keys
system variable is related but controls autogeneration of RSA
key-pair files needed for secure password exchange using RSA
over unencypted connections.
