Pre-General Availability: 2023-05-24
In some cases, such as when you install and run MySQL Shell separately, you might be prompted to load the certificates required by MySQL Shell for VS Code. When running MySQL Shell for VS Code with embedded MySQL Shell, the tool manages the required certificates for you.
The certificates are stored:
Linux (see Unix: Set up a certificate for a web server supporting HTTPS running on the localhost)
macOS (see Unix: Set up a certificate for a web server supporting HTTPS running on the localhost)
Windows (see Set up a certificate for a web server on Windows)
There are two certificates:
To set up a certificate for a web server supporting HTTPS running on the local host:
rootCA.keywith pass phrase, by issuing at the command line.
openssl genrsa -des3 -out rootCA.key 2048
Generate root SSL certificate
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem
Trust the root SSL certificate.
Open Keychain Access.
Navigate to Category Certificates.
Select Import Items to load the, and use
Double-click the imported certificate and change the When using this certificate drop-down option to in the Trust section.
On Linux, issue:
security add-trusted-cert -d -r trustRoot -k ~/Library/Keychains/login.keychain-db rootCA.pem
Create a certificate key for the local host using the configuration settings stored in
openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config <( cat server.csr.cnf )
Create a domain certificate for the local host.
openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 500 -sha256 -extfile v3.ext
To install root SSL certificate in Windows, use Microsoft Management Console (MMC):
Right-click Start and click .
MMCto open Microsoft Management Console.
Selectand click .
Click Certificates, and select .
In the Certificates snap-in window, select Computer Account, and click .
Select Local Computer and click .
Clickto go back to main MMC console window.
Double-click Certificates (local computer) to expand its view.
Right-click Certificates, located under Trusted Root Certification Authorities, select , and click .
Complete the wizard to import the chain certificate. Browse to locate the chain certificate to be imported or
rootCA.pemfile to import.
Select Place all certificates in the following store, and select the Trusted Root Certification Authorities store.
Click, and click to complete the wizard.