Aide memo MYSQL

Permettre les connexions distantes
CREATE USER [user name]@xxx.xxx.xxx.xxx IDENTIFIED BY [passwd];
GRANT SELECT, SHOW DATABASES ON *.* TO [user name]@xxx.xxx.xxx.xxx;
FLUSH PRIVILEGES;
Vérifier si l’utilisateur est bien créé
select user,host from mysql.user;

Configuration SSL de MySQL
show variables LIKE « %ssl% »;

mkdir /etc/mysql/newcerts/
cd /etc/mysql/newcerts/

openssl genrsa 2048 > ca-key.pem
openssl req -new -x509 -nodes -days 1000 -key ca-key.pem > ca-cert.pem
openssl req -newkey rsa:2048 -days 1000 -nodes -keyout server-key.pem > server-req.pem
openssl x509 -req -in server-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
openssl req -newkey rsa:2048 -days 1000 -nodes -keyout client-key.pem > client-req.pem
openssl x509 -req -in client-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem
Verifier les certificats
openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem

openssl rsa -in ca-key.pem -out ca-key.pem
openssl rsa -in server-key.pem -out server-key.pem
openssl rsa -in client-key.pem -out client-key.pem

service mysql restart

vérifier si le SSL est activé
show variables LIKE « %ssl% »;