Database Administrators Asked by IGGt on December 28, 2021
I have two MySQL 5.7 databases ([db1] 5.7.27 and [db2] 5.7.29)
(n.b. db1 is Linux, db2 is Windows)
I have created a basic user on db1:
CREATE USER 'ssltest'@'%' IDENTIFIED BY 'ssltest';
GRANT ALL ON *.* TO 'ssltest'@'%' REQUIRE SSL;
I now connect from db2 to db1:
mysql -h1.2.3.4 -P3306 -ussltest -pssltest
And check the connection:
mysql> show session status like 'ssl_version';
+---------------+---------+
| Variable_name | Value |
+---------------+---------+
| Ssl_version | TLSv1.1 |
+---------------+---------+
mysql> show session status like 'ssl_cipher';
+---------------+--------------------+
| Variable_name | Value |
+---------------+--------------------+
| Ssl_cipher | DHE-RSA-AES256-SHA |
+---------------+--------------------+
So, this suggests that my connection is indeed using SSL.
However, if I log onto db1 and run:
SELECT
sbt.variable_value AS tls_version,
t2.variable_value AS cipher,
processlist_user AS user,
processlist_host AS host
FROM performance_schema.status_by_thread AS sbt
JOIN performance_schema.threads AS t ON t.thread_id = sbt.thread_id
JOIN performance_schema.status_by_thread AS t2 ON t2.thread_id = t.thread_id
WHERE sbt.variable_name = 'Ssl_version'
and t2.variable_name = 'Ssl_cipher'
ORDER BY tls_version;
I get no results, suggesting that it is not using SSL.
(n.b. If I look in the processlist I can see my connection, so it is definitely connected, and the performance-schema is enabled)
So which one is telling the truth. db1 which is receiving the connection or db2 which is initiating the connection?
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP