Datenbank/Kryptografie: Unterschied zwischen den Versionen
Keine Bearbeitungszusammenfassung |
Keine Bearbeitungszusammenfassung |
||
(Eine dazwischenliegende Version desselben Benutzers wird nicht angezeigt) | |||
Zeile 19: | Zeile 19: | ||
==== Settings ==== | ==== Settings ==== | ||
; To start in SSL mode the <tt>server.crt</tt> and <tt>server.key</tt> must exist in the servers data directory <tt>$PGDATA</tt>. | ; To start in SSL mode the <tt>server.crt</tt> and <tt>server.key</tt> must exist in the servers data directory <tt>$PGDATA</tt>. | ||
* Starting with version 9.2, you have the possibility to set the path manually | |||
==== References ==== | ==== References ==== | ||
Zeile 47: | Zeile 42: | ||
[[Kategorie:Kryptografie/Best Practice]] | [[Kategorie:Kryptografie/Best Practice]] | ||
[[Kategorie:Datenbank]] | [[Kategorie:Datenbank/Sicherheit]] | ||
</noinclude> | </noinclude> |
Aktuelle Version vom 31. März 2024, 13:55 Uhr
MySQL
Tested with Versions
- MySQL 5.5 on Debian Wheezy
- MySQL 5.7.20 on Ubuntu 16.04.3
Settings
References
MySQL Documentation on Configuring MySQL to Use Encrypted Connections.
How to test
After restarting the server run the following query to see if the ssl settings are correct: show variables like '%ssl%';
PostgreSQL
Tested with Versions
- Debian Wheezy and PostgreSQL 9.1
- Linux Mint 14 nadia / Ubuntu 12.10 quantal with PostgreSQL 9.1+136 and OpenSSL 1.0.1c
Settings
- To start in SSL mode the server.crt and server.key must exist in the servers data directory $PGDATA.
- Starting with version 9.2, you have the possibility to set the path manually
References
It’s recommended to read Security and Authentication in the manual.
- PostgreSQL Documentation on Secure TCP/IP Connections with SSL.
- PostgreSQL Documentation on Client Authentication.
How to test
To test your ssl settings, run psql with the sslmode parameter:
$ psql "sslmode=require host=postgres-server dbname=database" your-username
Anhang
Siehe auch
Sicherheit
Dokumentation
Links
Projekt
Weblinks