Datenbank/Kryptografie: Unterschied zwischen den Versionen
K Textersetzung - „Kategorie:(.*):(.*)“ durch „Kategorie:/$1/$2“ |
K Textersetzung - „[[Kategorie:/“ durch „[[Kategorie:“ |
||
Zeile 38: | Zeile 38: | ||
# https://bettercrypto.org/ | # https://bettercrypto.org/ | ||
[[Kategorie: | [[Kategorie:Kryptografie/Best Practice]] | ||
[[Kategorie:Datenbank]] | [[Kategorie:Datenbank]] |
Version vom 28. März 2023, 10:27 Uhr
MySQL
Tested with Versions
- MySQL 5.5 on Debian Wheezy
- MySQL 5.7.20 on Ubuntu 16.04.3
Settings
References
MySQL Documentation on Configuring MySQL to Use Encrypted Connections.
How to test
After restarting the server run the following query to see if the ssl settings are correct: show variables like '%ssl%';
PostgreSQL
Tested with Versions
- Debian Wheezy and PostgreSQL 9.1
- Linux Mint 14 nadia / Ubuntu 12.10 quantal with PostgreSQL 9.1+136 and OpenSSL 1.0.1c
Settings
- To start in SSL mode the server.crt and server.key must exist in the servers data directory $PGDATA.
Starting with version 9.2, you have the possibility to set the path manually. |
References
It’s recommended to read Security and Authentication in the manual.
- PostgreSQL Documentation on Secure TCP/IP Connections with SSL.
- PostgreSQL Documentation on Client Authentication.
How to test
To test your ssl settings, run psql with the sslmode parameter:
$ psql "sslmode=require host=postgres-server dbname=database" your-username