我正在尝试配置 MySQL 5.1.63,使其仅允许通过 SSL 进行远程连接。我可以确认连接通过 SSL 工作,但是我似乎无法阻止未加密的连接。
我正在遵循 MySQL 文档中的说明,并运行以下命令:
CREATE USER 'a' IDENTIFIED BY 'a';
GRANT ALL ON *.* TO 'a' REQUIRE SSL;
FLUSH PRIVILEGES;
然后,如果“protectme”是运行 MySQL 的计算机,我从远程计算机运行以下命令,
mysql -u a --password=a --host=protectme
它连接!我可以验证我连接的 MySQL 确实是“protectme”上的 MySQL。为了更好地衡量,我尝试重新启动 MySQL,并确认用户已在 mysql.user 表中更新:
mysql> SELECT * FROM mysql.user WHERE User = "a";
+------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+
| Host | User | Password | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Show_db_priv | Super_priv | Create_tmp_table_priv | Lock_tables_priv | Execute_priv | Repl_slave_priv | Repl_client_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Create_user_priv | Event_priv | Trigger_priv | ssl_type | ssl_cipher | x509_issuer | x509_subject | max_questions | max_updates | max_connections | max_user_connections |
+------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+
| % | a | *667F407DE7C6AD07358FA38DAED7828A72014B4E | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | N | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | ANY | | | | 0 | 0 | 0 | 0 |
+------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+
1 row in set (0.00 sec)
有谁知道我做错了什么?互联网上似乎没有其他人遇到这个问题,但它对我根本不起作用!非常感谢!