Config is in
/etc/mysql/mysql.conf.d/mysqld.cnf
default disabled:
/etc/mysql/mysql.conf.d/mysqld.cnf:103:# ssl-ca=/etc/mysql/cacert.pem
/etc/mysql/mysql.conf.d/mysqld.cnf:104:# ssl-cert=/etc/mysql/server-cert.pem
/etc/mysql/mysql.conf.d/mysqld.cnf:105:# ssl-key=/etc/mysql/server-key.pem
I confirm that the permissions keys are created are root only:
# ll /var/lib/mysql/server-key.pem
-rw------- 1 root root 1675 May 10 07:29 /var/lib/mysql/server-key.pem
Actually that is just the default of the tool as it comes from upstream
And it has parameters for all you need:
Adding --uid mysql would make it do what you want.
If the defaults of the upstream tool should be changed that would IMHO be an
upstream bug.
Unfortunately the user set up to use is not part of the ./configure call so I'm
not sure how it would know.
wishlist from Ubuntu perspective, if you happen to file an upstream bug
to change the default pelse mention it here so it can be tracked.
** Changed in: mysql-5.7 (Ubuntu)
Status: New => Confirmed
** Changed in: mysql-5.7 (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1828407
Title:
mysql_ssl_rsa_setup generates server-key.pem inacessible by mysqld
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1828407/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
