如何配置Spring Boot应用程序以通过MySQL使用SSL/TLS? [英] How to configure spring boot application to use SSL/TLS over MySQL?

问题描述

我在MySQL服务器上设置了SSL.

I set up SSL on my MySQL server.

我为CA(ca.pem，ca-key.pem)，客户端(client-cert.pem，client-key.pem)和服务器(server-cert.pem和server-key.pem)生成了一些证书).

I generated few certicates for CA (ca.pem, ca-key.pem), for client (client-cert.pem, client-key.pem) and server (server-cert.pem and server-key.pem).

在spring boot配置文件中，这是到application.yml文件中定义的MySQL的链接. : jdbc:mysql://host:3306/bdd_name?useUnicode = true& characterEncoding = utf8& useSSL = true& requireSSL = true

In spring boot configuration file, here is the link to MySQL defined in application.yml file : jdbc:mysql://host:3306/bdd_name?useUnicode=true&characterEncoding=utf8&useSSL=true&requireSSL=true

我使用openssl验证来验证我的证书，也使用mysql客户端建立连接来进行验证.

I verify that my certicates are with openssl verify and I verify also by using a mysql client to set up a connection.

如何将链接Spring Boot应用程序设置为我的证书(我具有* .pem文件)以完成配置?

How to set the link Spring Boot application to my certificates (I have *.pem files) to finish my configuration ?

推荐答案

您需要在密钥库中添加"*.pem" 文件(证书和密钥).和信任库" 中的CA.

You need to add the "*.pem" files (cert and key) in a keystore and the CA in a "truststore".

此链接很好地说明了如何创建自己的密钥库和信任库[link] http://roopindersingh.com/programming/converting-pem-certificates-and-private-keys-to-jks/

This link explains well how to create your own keystore and truststore [link] http://roopindersingh.com/programming/converting-pem-certificates-and-private-keys-to-jks/

在您必须添加JVM参数之后

After you have to add in JVM paramaters

-Djavax.net.ssl.keyStore=/path/to/keystore/keystore.jks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=/path/to/keystore/truststore.jks
-Djavax.net.ssl.trustStorePassword=password

这篇关于如何配置Spring Boot应用程序以通过MySQL使用SSL/TLS?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！