Appendix D Deployment Configuration File

Upon the completion of the deployment described in this guide, the MySQL configuration file (/etc/my.cnf) contains these configuration settings:

[mysqld]
datadir=/usr/local/mysql/data
socket=/tmp/mysql.sock
port=3306
log-error=/usr/local/mysql/data/localhost.localdomain.err
user=mysql
secure_file_priv=/usr/local/mysql/mysql-files
local_infile=OFF
plugin-load-add=validate_password.so
validate-password=FORCE_PLUS_PERMANENT
validate_password_policy=MEDIUM
validate_password_check_user_name=1
audit-log=FORCE_PLUS_PERMANENT
query_cache_type=0
query_cache_size=0
mysql_firewall_mode=ON
plugin-load-add=connection_control.so
connection-control=FORCE_PLUS_PERMANENT
connection-control-failed-login-attempts=FORCE_PLUS_PERMANENT
connection_control_failed_connections_threshold=3
connection_control_min_connection_delay=1000
connection_control_max_connection_delay=2147483647
block_encryption_mode=aes-256-cbc
plugin-load-add=auth_socket.so
auth_socket=FORCE_PLUS_PERMANENT
ssl_ca=ca.pem
ssl_cert=client-cert.pem
ssl_key=client-key.pem
bind_address=192.0.2.24
tls_version=TLSv1.2
ssl_cipher=DHE-RSA-AES128-GCM-SHA256
default_password_lifetime=120