MySQL Variables require_secure_transport 数据库 参数变量解释及正确配置使用
本站中文解释
require_secure_transport是MySQL的一个参数变量,用于配置是否允许使用加密连接。它有yes和no两个可选参数,默认值为no,即让MySQL忽略任何控制用户认证安全传输的约束。
如果要设置它,可以使用SET GLOBAL command:
SET GLOBAL require_secure_transport=’yes’;
这样设置之后,使用MySQL的客户端连接到服务器时,就只能使用加密的连接,不支持明文的连接了。
官方英文解释
require_secure_transport
| Command-Line Format | --require-secure-transport[={OFF|ON}] |
|---|---|
| System Variable | require_secure_transport |
| Scope | Global |
| Dynamic | Yes |
| Type | Boolean |
| Default Value | OFF |
Whether client connections to the server are required to use
some form of secure transport. When this variable is enabled,
the server permits only TCP/IP connections encrypted using
TLS/SSL, or connections that use a socket file (on Unix) or
shared memory (on Windows). The server rejects nonsecure
connection attempts, which fail with an
ER_SECURE_TRANSPORT_REQUIRED
error.
This capability supplements per-account SSL requirements,
which take precedence. For example, if an account is defined
with REQUIRE SSL, enabling
require_secure_transport does
not make it possible to use the account to connect using a
Unix socket file.
It is possible for a server to have no secure transports
available. For example, a server on Windows supports no secure
transports if started without specifying any SSL certificate
or key files and with the
shared_memory system variable
disabled. Under these conditions, attempts to enable
require_secure_transport at
startup cause the server to write a message to the error log
and exit. Attempts to enable the variable at runtime fail with
an
ER_NO_SECURE_TRANSPORTS_CONFIGURED
error.
See also Configuring Encrypted Connections as Mandatory.
