How to enable ssl for ProxySQL | SSL setup for proxysql | super shine |
ProxySQL:
FOR PROXYSQL:
yum install -y mariadb
proxysql-2.0.6-1-centos7.x86_64.rpm
systemctl enable proxysql.service
systemctl start proxysql.service
mysql -u admin -padmin -h 127.0.0.1 -P6032 –prompt=’ProxySQL= ‘
SELECT * FROM global_variables WHERE variable_name LIKE ‘mysql%ssl%’;
UPDATE mysql_servers SET use_ssl=1 WHERE port=3306;
LOAD MYSQL SERVERS TO RUNTIME;
SAVE MYSQL SERVERS TO DISK;
select hostgroup_id,hostname,port,status,max_connections,use_ssl from mysql_servers;
SET mysql-ssl_p2s_cert=”/var/lib/proxysql/proxysql-cert.pem”;
SET mysql-ssl_p2s_key=”/var/lib/proxysql/proxysql-key.pem”;
SET mysql-ssl_p2s_ca=”/var/lib/proxysql/proxysql-ca.pem”;
SET mysql-ssl_p2s_cipher=’ECDHE-RSA-AES256-SHA’;
LOAD MYSQL VARIABLES TO RUNTIME;
SAVE MYSQL VARIABLES TO DISK;
SELECT * FROM global_variables WHERE variable_name LIKE ‘mysql%ssl%’;
Make sure SSL is enabled for client connections, if not,
UPDATE global_variables SET variable_value=’true’ WHERE variable_name=’mysql-have_ssl’;
or
set mysql-have_ssl=’true’;
and then issue command:
LOAD MYSQL VARIABLES TO RUNTIME;
SAVE MYSQL VARIABLES TO DISK;
systemctl restart proxysql.service
mysql -u admin -padmin -h 127.0.0.1 -P6032 –prompt=’ProxySQL= ‘ –ssl
status
Working fine.