MySQL Replication and letsencrypt certificates (client side)

Hi friends,
i’ve been seen “Using Let’s Encrypt certs with MySQL for database replication” post.

My doubt is about the client side:
Should I copy the master certificates on slave server? And only use these (master certificates) on slave for secure connection?
In this scenario I should automate the copy of the certificates to the slave server, (considering
that they expire every three months…).
Do you recommend using Letsencrypt certificates for this operation?

many thanks

An internal CA is a better fit for this. It’s both easier to deploy and more secure because you don’t have to trust a third-party at all.

I’ve used easy-rsa for this in the past and it’s worked fairly well. If you’re familiar with OpenSSL’s command-line interface, you could go the manual route as well.

1 Like

Perfect,
many thanks Patrick!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.