Vel*_*kan 10 mysql ubuntu encryption ssl
尝试启用加密时出错:
[ERROR] SSL error: Unable to get private key from '/etc/mysql/ssl/nginx.key'
[Warning] Failed to set up SSL because of the following SSL library error: Unable to get private key
/etc/mysql/conf.d/encrypt.cnf:
[mysqld]
ssl-ca=/etc/mysql/ssl/nginx.ca
ssl-cert=/etc/mysql/ssl/nginx.crt
ssl-key=/etc/mysql/ssl/nginx.key
密钥是这样生成的:
openssl req -newkey rsa:4096 -nodes -keyout nginx.key -subj "/C=US/ST=California/L=Sacramento/O=MyOrg/OU=MyDev/CN=MyApp"
openssl 检查得很好。
我尝试更改权限、所有者、文件名、移动到不同的目录、禁用 SELinux(它已经被禁用)、查看 AppArmor 日志(它不会阻止它)、将“BEGIN/END PRIVATE KEY”更改为“BEGIN” /END RSA 私钥'。
它出什么问题了?
Vel*_*kan 11
好的,显然只是将“BEGIN PRIVATE KEY”更改为“BEGIN RSA PRIVATE KEY”是不够的。
它必须正确地从 PKCS#8 转换为 PKCS#1参考
openssl rsa -in /etc/mysql/ssl/nginx.key -out ~/nginx.key.rsa