I’m trying to set up a database replication so that it uses secure connections, but it is not clear what certificates I have to use. Here is my current configuration:
[mysqld] # ssl-ca identifies the Certificate Authority (CA) certificate. # wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem ssl-ca=/etc/ssl/certs/lets-encrypt-x3-cross-signed.pem # ssl-cert identifies the server public key certificate. This can be sent to the client and authenticated against the CA certificate that it has. ssl-cert=/etc/letsencrypt/live/MYDOMAIN/cert.pem # or chain.pem|fullchain.pem ? # ssl-key identifies the server private key. ssl-key=/etc/letsencrypt/live/MYDOMAIN/privkey.pem
My doubts are on the first two options. Are they correct?