Managing SSL certificates for MySQL can be somewhat of a pain, especially when setting it up on multiple machines.
I looked around on the web, and didn’t really run into any mentions of how to do this for multiple machines, so I dug into it a bit more.
If you’ve created the certificates before, you’ll know you get prompted for various bits of information during a couple of the steps (country, state, email).
However, this can be by-passed by using the -batch option with the openssl command.
So, to set this up for multiple servers, just loop through the following 5 commands for your servers:
cd C:\mysql\certs
openssl genrsa 2048 > ca-key.pem
openssl req -new -x509 -nodes -days 3600 -batch -key ca-key.pem > ca-cert.pem
openssl req -newkey rsa:2048 -days 3600 -batch -nodes -keyout server-key.pem >
server-req.pem
openssl x509 -req -in server-req.pem -days 3600 -CA ca-cert.pem
-CAkey …[Read more]