[2022] MySQL MariaDB setup with SSL/TLS | Linux Ubuntu Focal | 10.5 | Tharun Shiv | Developer tharun

Link to the article: https://dev.to/developertharun/easiest-way-to-setup-mysqlmariadb-with-tlsssl-in-10-minutes-v105-any-os-ubuntu-focal-developer-tharun-4okc

In this tutorial we will look at how to setup MariaDB/MySQL including SSL/TLS. This will enable the clients connecting with the MySQL server. We will add repository, install mariadb-server, generate certs, place them in the right folder, edit the configurations and test it.

Link to fetch the respective repository

Link to the MariaDB Downloads page

On the above page:

Choose a distribution
Choose a MariaDB Server version

Once you do this, you will be able to view the commands to install MariaDB Server on your system of any operating system ( OS ). In this tutorial I have chosen Ubuntu Focal ( 20.04 ) and a MariaDB Server version of 10.5

TLS Setup of MariaDB

We have setup MySQL/MariaDB above without TLS. For most of the setups the above would be sufficient. To take it to the next level, we will add TLS ability here such that the data transferred between the client and MySQL is encrypted and secure.

Generation of certificates

There are several ways to generate certificates. If you are at an organization, it probably has a standard way to generate a CA. You are free to go ahead and get the CA Cert, Server Cert and Server Key using that way. If not, follow the below steps. No Pre-requisites required.

Generate CA ( Certificate Authority ) Key and Certificates

Generation of Server key and Server cert

We will generate server key and use it to generate a CSR ( Certificate Signing Request ). We will take this to the Certificate Authority and get it signed by the CA. Thus we will get the server cert. In this process we will also use the server extensions.