Enable SSL for MySql service

[10NANCY]

One of my users has asked me to enable SSL for MySql service. I have checked WHM >> Manage Service SSL Certificates >> but didn’t find any option to enable SSL certificate for the MySql service?
Has anyone have done it before?

[carl owen]

We did not find such option under MySQL or SSL in WHM panel. I assume you would like to install an SSL certificate on the domain name. If I am not correct on this, please let us know your requirements so that we can provide you with a solution.

[WebMaster]

Yes, Cpanel don't provide option to enable SSl for MySql.

Following is the work Around :

You need to first check whether you MySql supports SSL, you can use following command to perform the checks :

Quote:

MySql> SHOW VARIABLES LIKE '%ssl%';

+---------------+----------+
| Variable_name | Value |
+---------------+----------+
| have_openssl | DISABLED |
| have_ssl | DISABLED |

If it shows NO instead of DISABLED, then your MySql doesn’t support SSL. You need to upgrade the MySql Version to SSL support.

If the result is DISABLED then follow the instructions given below to enable SSL for MySql service.

First you need to create mysql directory in folder where SSL’s are stored:

Quote:

mkdir /var/cpanel/ssl/mysql

Create Symbolic links for Mysql to use the existing SSL certificates used by cpanel:

Quote:

ln -sf /etc/ssl/certs/SSL_domain.com.crt /var/cpanel/ssl/mysql/SSL_domain.com.crt
ln -sf /etc/ssl/certs/SSL_domain.com.cabundle var/cpanel/ssl/mysql/SSL_domain.com.cabundle

Copy the server private key in mysql folder created in step1:

Quote:

cp /etc/ssl/private/SSL_domain.com.key /var/cpanel/ssl/mysql

correct the permission of file copied:

Quote:

chown mysql SSL_domain.com.key

Add the following line in /etc/my.cnf

Quote:

[mysqld]
ssl-ca=/var/cpanel/ssl/mysql/SSL_domain.com.cabundle
ssl-cert=/var/cpanel/ssl/mysql/SSL_domain.com.crt
ssl-key=/var/cpanel/ssl/mysql/SSL_domain.com.key
[client]
ssl-ca=/var/cpanel/ssl/mysql/SSL_domain.com.cabundle
ssl-cert=/var/cpanel/ssl/mysql/SSL_domain.com.crt
ssl-key=/var/cpanel/ssl/mysql/SSL_domain.com.key

Restart the mysql service and check MySql supports SSL again, You will get have_openssl and have_ssl set as YES.

[Scott Jacobs]

To WebMaster

I assume you actually know anything about any of those topics genius, so can you tell me how to replicate mysql database with ssl encryption? I am currently using Centos.....