如何获得Amazon MySQL RDS证书 [英] How to get hold of Amazon MySQL RDS certificates

问题描述

Amazon RDS文档(http://aws.amazon.com/rds/faqs/#53)指定"Amazon RDS为每个[MySQL]数据库实例生成SSL证书".我找不到任何有关如何查找证书的文档，并且在管理控制台中找不到证书.

Amazon RDS documentation (http://aws.amazon.com/rds/faqs/#53) specifies that "Amazon RDS generates an SSL certificate for each [MySQL] DB Instance". I haven't been able to find any documentation on how to find the certificates and the certificates are nowhere to be found in the management console.

证书在哪里?

推荐答案

我在这里找到了解决方案: https://forums.aws.amazon.com/thread.jspa?threadID=62110 .

I found the solution here: https://forums.aws.amazon.com/thread.jspa?threadID=62110.

• 从此处下载ca证书文件: https://s3 .amazonaws.com/rds-downloads/mysql-ssl-ca-cert.pem

curl -O https://s3.amazonaws.com/rds-downloads/mysql-ssl-ca-cert.pem

• 连接到mysql:

mysql -uusername -p --host=host --ssl-ca=mysql-ssl-ca-cert.pem

• 检查您的连接是否确实加密:

mysql> SHOW STATUS LIKE 'Ssl_cipher';

+---------------+------------+
| Variable_name | Value      |
+---------------+------------+
| Ssl_cipher    | AES256-SHA |
+---------------+------------+
1 row in set (0.00 sec)

• (可选)强制特定用户使用SSL连接到MySQL

mysql> ALTER USER 'username'@'host|%' REQUIRE SSL

这篇关于如何获得Amazon MySQL RDS证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！