第七色在线视频,2021少妇久久久久久久久久,亚洲欧洲精品成人久久av18,亚洲国产精品特色大片观看完整版,孙宇晨将参加特朗普的晚宴

為了賬號安全,請及時綁定郵箱和手機(jī)立即綁定
已解決430363個問題,去搜搜看,總會有你想問的

連接到 mysql/mariadb 與 ssl 和 certs in go

連接到 mysql/mariadb 與 ssl 和 certs in go

Go
幕布斯7119047 2022-08-24 16:54:30
有很多例子說明如何在只需要用戶名和密碼時使用go/golang連接到mariadb /mysql數(shù)據(jù)庫。但是我還沒有找到一個簡單的例子,其中客戶端需要證書(TLS / SSL)來連接。這適用于香草連接package mainimport (    "database/sql"    "fmt"    "log"    _ "github.com/go-sql-driver/mysql") // Test that db is usable// prints current date & time to stdoutfunc queryDB(db *sql.DB) {    // Query the database    var result string    err := db.QueryRow("SELECT NOW()").Scan(&result)    if err != nil {        log.Fatal(err)    }    fmt.Println(result)}func main() {    // generate connection string    cs := fmt.Sprintf("%s:%s@tcp(%s:%s)/%s", "username", "password", "dbHost", "dbPort", "database")    db, err := sql.Open("mysql", cs)    if err != nil {        log.Printf("Error %s when opening DB\n", err)        log.Printf("%s", cs)        return    }    defer db.Close()    e := db.Ping()    fmt.Println(cs, e)    queryDB(db)}但是,如果客戶端需要證書進(jìn)行連接,我應(yīng)該將該信息放在哪里?在我看來,這將是這些行:my.cnf[mysql]## MySQL Client Configuration ##ssl-ca=cert/ca-cert.pemssl-cert=cert/client-cert.pemssl-key=cert/client-key.pem
查看完整描述

1 回答

?
www說

TA貢獻(xiàn)1775條經(jīng)驗 獲得超8個贊

為了能夠使用證書進(jìn)行身份驗證,您必須創(chuàng)建一個,然后執(zhí)行一個并添加到連接字符串中。tls.Configmysql.RegisterTLSConfig("custom", &tlsConf)"?tsl=custom"


從何而來tls"crypto/tls"mysql"github.com/go-sql-driver/mysql"


一個工作示例:


package main


import (

    "crypto/tls"

    "crypto/x509"

    "database/sql"

    "fmt"

    "io/ioutil"

    "log"


    "github.com/go-sql-driver/mysql"

    _ "github.com/go-sql-driver/mysql"

)



// path to cert-files hard coded

// Most of this is copy pasted from the internet

// and used without much reflection

func createTLSConf() tls.Config {


    rootCertPool := x509.NewCertPool()

    pem, err := ioutil.ReadFile("cert/ca-cert.pem")

    if err != nil {

        log.Fatal(err)

    }

    if ok := rootCertPool.AppendCertsFromPEM(pem); !ok {

        log.Fatal("Failed to append PEM.")

    }

    clientCert := make([]tls.Certificate, 0, 1)


    certs, err := tls.LoadX509KeyPair("cert/client-cert.pem", "cert/client-key.pem")

    if err != nil {

        log.Fatal(err)

    }


    clientCert = append(clientCert, certs)


    return tls.Config{

        RootCAs:            rootCertPool,

        Certificates:       clientCert,

        InsecureSkipVerify: true, // needed for self signed certs

    }

}



// Test that db is usable

// prints version to stdout

func queryDB(db *sql.DB) {

    // Query the database

    var result string

    err := db.QueryRow("SELECT NOW()").Scan(&result)

    if err != nil {

        log.Fatal(err)

    }

    fmt.Println(result)

}


func main() {


    // When I realized that the tls/ssl/cert thing was handled separately

    // it became easier, the following two lines are the important bit

    tlsConf := createTLSConf()  

    err := mysql.RegisterTLSConfig("custom", &tlsConf)


    if err != nil {

        log.Printf("Error %s when RegisterTLSConfig\n", err)

        return

    }


    // connection string (dataSourceName) is slightly different

    dsn := fmt.Sprintf("%s:%s@tcp(%s:%s)/%s?tls=custom", "username", "password", "dbHost", "dbPort", "database")

    db1, err := sql.Open("mysql", dsn)


    if err != nil {

        log.Printf("Error %s when opening DB\n", err)

        log.Printf("%s", dsn)

        return

    }

    defer db1.Close()

    e := db1.Ping()

    fmt.Println(dsn, e)

    queryDB(db1)

}


查看完整回答
反對 回復(fù) 2022-08-24
  • 1 回答
  • 0 關(guān)注
  • 130 瀏覽
慕課專欄
更多

添加回答

舉報

0/150
提交
取消
微信客服

購課補(bǔ)貼
聯(lián)系客服咨詢優(yōu)惠詳情

 幫助反饋 APP下載

慕課網(wǎng)APP
您的移動學(xué)習(xí)伙伴

 公眾號

掃描二維碼
關(guān)注慕課網(wǎng)微信公眾號