MySQL Utilities Team is pleased to announce a new release that con">
时间:2021-07-01 10:21:17 帮助过:32人阅读
Use the new SSL command-line options that are available for all utilities:
–ssl-ca : The path to a file that contains a list of trusted SSL certificate authorities. –ssl-cert : The name of the SSL certificate file to use for establishing a secure connection. –ssl-key : The name of the SSL key file to use for establishing a secure connection. Then just specify the appropriate values on the command-line with any other parameters.
If typing all of those SSL options seems tedious, you can specify this information in your configuration file and reference the file via a new syntax. You can also supply a path to the file. Observe.
–server=
Example: –server=/dev/env/test1/my.cnf[server1_ssl]
In this example, the utility will read the SSL option values from the my.cnf file in /dev/env/test1/ looking for them in the server1_ssl section. Thus, you can make as many sections as you have servers and/or combinations of login option values. How cool is that?
Here’s an example with two entries; the first one has SSL options.
[instance_3307] port=3307 user=root password=lilly-pass host=localhost ssl-ca=C:/newcerts/cacert.pem ssl-cert=C:/newcerts/client-cert.pem ssl-key=C:/newcerts/client-key.pem [instance_3308] port=3308 user=root password=other-pass host=localhost
As you can see, you can use this new syntax for any connection – SSL or not! No more typing out the user, password, blah, blah, blah, just plug the information into your configuration file and you’re done with remembering ports and sockets and passwords and … you get the idea.
Now let’s see the SSL feature in action. It’s really quite simple.
Example1: Using command-line options:
$ mysqlserverinfo –server=root:pass@localhost:3307 / –ssl-ca=C:/newcerts/cacert.pem / –ssl-cert=C:/newcerts/client-cert.pem / –ssl-key=C:/newcerts/client-key.pem / –format=vertical # Source on localhost: … connected. ************************* 1. row ************************* server: localhost:3307 config_file: binary_log: binary_log_pos: relay_log: relay_log_pos: version: 5.6.15 datadir: C:/MySQL/instance_3307/ basedir: C:/MySQL/mysql-5.6.15-winx64 plugin_dir: C:/MySQL/mysql-5.6.15-winx64/lib/plugin/ general_log: OFF general_log_file: general_log_file_size: log_error: C:/MySQL/instance_3307/clone.err log_error_file_size: 1569 bytes slow_query_log: OFF slow_query_log_file: slow_query_log_file_size: 1 row. #…done.
$ mysqlserverinfo –server=c:/MySQL/instance-3307.cnf[instance_3307] / –format=vertical # Source on localhost: … connected. ************************* 1. row ************************* server: localhost:3307 config_file: binary_log: binary_log_pos: relay_log: relay_log_pos: version: 5.6.15 datadir: C:/MySQL/instance_3307/ basedir: C:/MySQL/mysql-5.6.15-winx64 plugin_dir: C:/MySQL/mysql-5.6.15-winx64/lib/plugin/ general_log: OFF general_log_file: general_log_file_size: log_error: C:/MySQL/instance_3307/clone.err log_error_file_size: 1569 bytes slow_query_log: OFF slow_query_log_file: slow_query_log_file_size: 1 row. #…done.
Here, I’ve added the following to my configuration file:
[instance_13001] port=13001 user=root password=mippippipi host=localhost Now I execute a utility: $ mysqlserverinfo.py –server=my.cnf[instance_13001] –format=vertical # Source on localhost: … connected. ************************* 1. row ************************* server: localhost:13001 config_file: /etc/my.cnf, /etc/mysql/my.cnf binary_log: clone-bin.000001 binary_log_pos: 341 relay_log: relay_log_pos: version: 5.6.17-log datadir: /Volumes/Source/source/temp_13001/ basedir: /Volumes/Source/source/bzr/mysql-5.6 plugin_dir: /Volumes/Source/source/bzr/mysql-5.6/lib/plugin/ general_log: OFF general_log_file: general_log_file_size: log_error: log_error_file_size: slow_query_log: OFF slow_query_log_file: slow_query_log_file_size: 1 row.
#…done.
Wow, now that’s easier and it also reduces security concerns by removing the password from the command-line.
But wait, there is an even more secure way to specify passwords: login-paths!
Note: MySQL Utilities version 1.2.1 and later support login-paths.
In the above example, the password is stored in plain-text in the option file. However, if you use login-paths, you can store the same information in a encrypted file (.mylogin.cnf). Wow. No more plain text passwords!
Use the mysql_config_editor tool (http://dev.mysql.com/doc/en/mysql-config-editor.html) to add the connection information as follows.
$ mysql_config_editor set –login-path=instance_13001 –host=localhost –user=root –port=13001 –passwordEnter password: Next, use the following command to confirm that the login-path data was correctly added to . mylogin.cnf (the encrypted file): $ mysql_config_editor print –login-path=instance_13001 [instance_13001] user = root password = ***** host = localhost port = 13001
Now, execute the desired utility specifying the login-path section instead of the usual user:passwd@host:port:socket:
$ mysqlserverinfo –server=instance_13001 –format=vertical # Source on localhost: … connected. ************************* 1. row ************************* server: localhost:13001 config_file: /etc/my.cnf, /etc/mysql/my.cnf binary_log: clone-bin.000001 binary_log_pos: 341 relay_log: relay_log_pos: version: 5.6.17-log datadir: /Volumes/Source/source/temp_13001/ basedir: /Volumes/Source/source/bzr/mysql-5.6 plugin_dir: /Volumes/Source/source/bzr/mysql-5.6/lib/plugin/ general_log: OFF general_log_file: general_log_file_size: log_error: log_error_file_size: slow_query_log: OFF slow_query_log_file: slow_query_log_file_size: 1 row. #…done.
You can download MySQL Utilities 1.5.0-alpha from the following link using one of the pre-built installation repositories including a source download. Be sure to click the “Development Releases” tab to see the 1.5.0 version download links.
http://dev.mysql.com/downloads/tools/utilities/
You can find online documentation for MySQL Utilities version 1.5 at:
http://dev.mysql.com/doc/mysql-utilities/1.5/en/index.html
以上就是New! MySQL Utilities Now Supports SSL and Configuration File的内容,更多相关内容请关注PHP中文网(www.gxlcms.com)!