## MySQL instances listening on 3306, 3307 rm -rf 3306 bin/mysqld --defaults-file=./3306.cnf --initialize-insecure --basedir=$PWD --datadir=$PWD/3306 -v bin/mysqld --defaults-file=./3306.cnf --basedir=$PWD --datadir=$PWD/3306 --core-file --socket=/tmp/mysql_3306.sock --port=3306 --log-error=$PWD/3306/log.err 2>&1 & rm -rf 3307 bin/mysqld --defaults-file=./3307.cnf --initialize-insecure --basedir=$PWD --datadir=$PWD/3307 -v bin/mysqld --defaults-file=./3307.cnf --basedir=$PWD --datadir=$PWD/3307 --core-file --socket=/tmp/mysql_3307.sock --port=3307 --log-error=$PWD/3307/log.err 2>&1 & [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: bin/mysql_ssl_rsa_setup --datadir=3306/ Generating a 2048 bit RSA private key ........+++ ......................+++ writing new private key to 'ca-key.pem' ----- Generating a 2048 bit RSA private key .........................................................+++ ..+++ writing new private key to 'server-key.pem' ----- Generating a 2048 bit RSA private key .....................................................+++ .............+++ writing new private key to 'client-key.pem' ----- [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: bin/mysql_ssl_rsa_setup --datadir=3307/ Generating a 2048 bit RSA private key ..........+++ ................................+++ writing new private key to 'ca-key.pem' ----- Generating a 2048 bit RSA private key ..+++ .+++ writing new private key to 'server-key.pem' ----- Generating a 2048 bit RSA private key ................................................+++ .............................................................................+++ writing new private key to 'client-key.pem' ----- -- Restart mysqld to use ssl [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: cat 3306.cnf 3307.cnf [mysqld] ssl-ca=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/ca.pem ssl-cert=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/server-cert.pem ssl-key=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/server-key.pem [mysql] [mysqld] ssl-ca=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3307/ca.pem ssl-cert=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3307/server-cert.pem ssl-key=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3307/server-key.pem ## MySQL Router conf cat ~/.mysqlrouter.conf [logger] level = INFO [routing:read_only] bind_address = 127.0.0.1 bind_port = 7001 destinations = 127.0.0.1:3307 mode = read-only [routing:read_write] bind_address = 127.0.0.1 bind_port = 7002 destinations = 127.0.0.1:3306 mode = read-write -- started ./bin/mysqlrouter 2017-06-08 11:16:04 INFO [7f0f2709e700] [routing:read_write] started: listening on 127.0.0.1:7002; read-write 2017-06-08 11:16:04 INFO [7f0f27a9f700] [routing:read_only] started: listening on 127.0.0.1:7001; read-only ## Created 'bug' which require SSL [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: bin/mysql --no-defaults -v --user=bug --host=127.0.0.1 --port=7002 --protocol=tcp --ssl-ca=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/ca.pem --ssl-cert=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-cert.pem --ssl-key=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-key.pem Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 12 Server version: 5.7.18-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial) Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Reading history-file /home/umshastr/.mysql_history Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> \s -------------- bin/mysql Ver 14.14 Distrib 5.7.18, for linux-glibc2.5 (x86_64) using EditLine wrapper Connection id: 12 Current database: Current user: bug@localhost SSL: Cipher in use is DHE-RSA-AES128-GCM-SHA256 Current pager: more Using outfile: '' Using delimiter: ; Server version: 5.7.18-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial) Protocol version: 10 Connection: 127.0.0.1 via TCP/IP Server characterset: latin1 Db characterset: latin1 Client characterset: utf8 Conn. characterset: utf8 TCP port: 7002 Uptime: 1 hour 29 min 29 sec Threads: 1 Questions: 40 Slow queries: 0 Opens: 117 Flush tables: 1 Open tables: 110 Queries per second avg: 0.007 -------------- mysql> \q Writing history-file /home/umshastr/.mysql_history Bye [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: bin/mysql --no-defaults -vv --user=bug --host=127.0.0.1 --port=7002 --protocol=tcp --ssl-ca=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/ca.pem --ssl-cert=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-cert.pem --ssl-key=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-key.pem Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 13 Server version: 5.7.18-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial) Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Reading history-file /home/umshastr/.mysql_history Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> \q Writing history-file /home/umshastr/.mysql_history Bye [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: bin/mysql --no-defaults -v -ubug -S /tmp/mysql_3306.sock --ssl-ca=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/ca.pem --ssl-cert=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-cert.pem --ssl-key=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-key.pem Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 14 Server version: 5.7.18-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial) Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Reading history-file /home/umshastr/.mysql_history Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. You are enforcing ssl conection via unix socket. Please consider switching ssl off as it does not make connection via unix socket any more secure. mysql> \q Writing history-file /home/umshastr/.mysql_history Bye [umshastr@hod03]/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18: bin/mysql --no-defaults -vv -ubug -S /tmp/mysql_3306.sock --ssl-ca=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/ca.pem --ssl-cert=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-cert.pem --ssl-key=/export/umesh/server/binaries/GABuilds/mysql-advanced-5.7.18/3306/client-key.pem Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 15 Server version: 5.7.18-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial) Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Reading history-file /home/umshastr/.mysql_history Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. You are enforcing ssl conection via unix socket. Please consider switching ssl off as it does not make connection via unix socket any more secure. mysql>