This section describes options supported by most MySQL client programs that control how client programs establish connections to the server, whether connections are encrypted, and whether connections are compressed. These options can be given on the command line or in an option file.本节介绍大多数MySQL客户端程序支持的选项,这些选项控制客户端程序如何建立与服务器的连接、连接是否加密以及连接是否压缩。这些选项可以在命令行或选项文件中给出。
This section describes options that control how client programs establish connections to the server. 本节介绍控制客户端程序如何建立与服务器连接的选项。For additional information and examples showing how to use them, see Section 4.2.4, “Connecting to the MySQL Server Using Command Options”.有关如何使用它们的更多信息和示例,请参阅第4.2.4节,“使用命令选项连接到MySQL服务器”。
Table 4.3 Connection-Establishment Option Summary连接建立选项摘要
| --default-auth | |
| --host | |
| --password | |
| --pipe | |
| --plugin-dir | |
| --port | |
| --protocol | |
| --shared-memory-base-name | |
| --socket | |
| --user |
A hint about which client-side authentication plugin to use. See Section 6.2.17, “Pluggable Authentication”.关于使用哪个客户端身份验证插件的提示。参阅第6.2.17节,“可插拔身份验证”。
--host=, host_name-h host_name
The host on which the MySQL server is running. The value can be a host name, IPv4 address, or IPv6 address. The default value is MySQL服务器运行的主机。该值可以是主机名、IPv4地址或IPv6地址。默认值为localhost.localhost。
--password[=, pass_val]-p[pass_val]
The password of the MySQL account used for connecting to the server. 用于连接到服务器的MySQL帐户的密码。The password value is optional. If not given, the program prompts for one. 密码值是可选的。如果没有给出,程序会提示输入一个。If given, there must be no space between 如果给定,则--password= or -p and the password following it. --password=或-p与后面的密码之间不得有空格。If no password option is specified, the default is to send no password.如果未指定密码选项,则默认为不发送密码。
Specifying a password on the command line should be considered insecure. To avoid giving the password on the command line, use an option file. 在命令行上指定密码应被视为不安全。为了避免在命令行上输入密码,请使用选项文件。See Section 6.1.2.1, “End-User Guidelines for Password Security”.请参阅第6.1.2.1节,“密码安全最终用户指南”。
To explicitly specify that there is no password and that the client program should not prompt for one, use the 要明确指定没有密码并且客户端程序不应提示输入密码,请使用--skip-password option.--skip-password选项。
--pipe, -W
On Windows, connect to the server using a named pipe. 在Windows上,使用命名管道连接到服务器。This option applies only if the server was started with the 仅当服务器启动时启用了named_pipe system variable enabled to support named-pipe connections. named_pipe系统变量以支持命名管道连接时,此选项才适用。In addition, the user making the connection must be a member of the Windows group specified by the 此外,进行连接的用户必须是named_pipe_full_access_group system variable.named_pipe_full_access_group系统变量指定的Windows组的成员。
The directory in which to look for plugins. Specify this option if the 查找插件的目录。如果使用--default-auth option is used to specify an authentication plugin but the client program does not find it. --default-auth选项指定身份验证插件,但客户端程序找不到它,请指定此选项。See Section 6.2.17, “Pluggable Authentication”.请参阅第6.2.17节,“可插拔身份验证”。
--port=, port_num-P port_num
For TCP/IP connections, the port number to use. The default port number is 3306.对于TCP/IP连接,要使用的端口号。默认端口号为3306。
--protocol={TCP|SOCKET|PIPE|MEMORY}
This option explicitly specifies which transport protocol to use for connecting to the server. 此选项明确指定用于连接到服务器的传输协议。It is useful when other connection parameters normally result in use of a protocol other than the one you want. 当其他连接参数通常导致使用与您想要的协议不同的协议时,它很有用。For example, connections on Unix to 例如,默认情况下,Unix上到localhost are made using a Unix socket file by default:localhost的连接是使用Unix套接字文件进行的:
mysql --host=localhost
To force TCP/IP transport to be used instead, specify a 要强制使用TCP/IP传输,请指定--protocol option:--protocol选项:
mysql --host=localhost --protocol=TCP
The following table shows the permissible 下表显示了允许的--protocol option values and indicates the applicable platforms for each value. The values are not case-sensitive.--protocol选项值,并指出了每个值的适用平台。这些值不区分大小写。
--protocol Value | ||
|---|---|---|
TCP | All | |
SOCKET | ||
PIPE | Windows | |
MEMORY | Windows |
See also Section 4.2.7, “Connection Transport Protocols”另见第4.2.7节,“连接传输协议”
--shared-memory-base-name=name
On Windows, the shared-memory name to use for connections made using shared memory to a local server. The default value is 在Windows上,用于使用共享内存连接到本地服务器的共享内存名称。默认值为MYSQL. The shared-memory name is case-sensitive.MYSQL。共享内存名称区分大小写。
This option applies only if the server was started with the 此选项仅适用于服务器启动时启用了shared_memory system variable enabled to support shared-memory connections.shared_memory系统变量以支持共享内存连接的情况。
--socket=, path-S path
On Unix, the name of the Unix socket file to use for connections made using a named pipe to a local server. The default Unix socket file name is 在Unix上,用于使用命名管道连接到本地服务器的Unix套接字文件的名称。默认的Unix套接字文件名是/tmp/mysql.sock./tmp/mysql.sock。
On Windows, the name of the named pipe to use for connections to a local server. 在Windows上,用于连接到本地服务器的命名管道的名称。The default Windows pipe name is 默认的Windows管道名称是MySQL. MySQL。The pipe name is not case-sensitive.管道名称不区分大小写。
On Windows, this option applies only if the server was started with the 在Windows上,此选项仅在服务器启动时启用了named_pipe system variable enabled to support named-pipe connections. named_pipe系统变量以支持命名管道连接时适用。In addition, the user making the connection must be a member of the Windows group specified by the 此外,进行连接的用户必须是named_pipe_full_access_group system variable.named_pipe_full_access_group系统变量指定的Windows组的成员。
--user=, user_name-u user_name
The user name of the MySQL account to use for connecting to the server. The default user name is 用于连接到服务器的MySQL帐户的用户名。默认用户名在Windows上为ODBC on Windows or your Unix login name on Unix.ODBC,在Unix上为Unix登录名。
This section describes options for client programs that specify whether to use encrypted connections to the server, the names of certificate and key files, and other parameters related to encrypted-connection support. 本节介绍客户端程序的选项,这些选项指定是否使用到服务器的加密连接、证书和密钥文件的名称以及与加密连接支持相关的其他参数。For examples of suggested use and how to check whether a connection is encrypted, see Section 6.3.1, “Configuring MySQL to Use Encrypted Connections”.有关建议使用的示例以及如何检查连接是否加密,请参阅第6.3.1节,“配置MySQL以使用加密连接”。
These options have an effect only for connections that use a transport protocol subject to encryption; that is, TCP/IP and Unix socket-file connections. See Section 4.2.7, “Connection Transport Protocols”这些选项仅对使用加密传输协议的连接有效;即TCP/IP和Unix套接字文件连接。参阅第4.2.7节,“连接传输协议”。
For information about using encrypted connections from the MySQL C API, see Support for Encrypted Connections.有关使用MySQL C API加密连接的信息,请参阅对加密连接的支持。
Table 4.4 Connection-Encryption Option Summary连接加密选项摘要
| --get-server-public-key | ||
|---|---|---|
| --server-public-key-path | ||
| --ssl-ca | ||
| --ssl-capath | ||
| --ssl-cert | ||
| --ssl-cipher | ||
| --ssl-crl | ||
| --ssl-crlpath | ||
| --ssl-fips-mode | ||
| --ssl-key | ||
| --ssl-mode | ||
| --tls-ciphersuites | 8.0.16 | |
| --tls-version |
Request from the server the public key required for RSA key pair-based password exchange. 从服务器请求基于RSA密钥对的密码交换所需的公钥。This option applies to clients that authenticate with the 此选项适用于使用caching_sha2_password authentication plugin. caching_sha2_password身份验证插件进行身份验证的客户端。For that plugin, the server does not send the public key unless requested. This option is ignored for accounts that do not authenticate with that plugin. 对于该插件,除非请求,否则服务器不会发送公钥。对于不使用该插件进行身份验证的帐户,此选项将被忽略。It is also ignored if RSA-based password exchange is not used, as is the case when the client connects to the server using a secure connection.如果不使用基于RSA的密码交换,它也会被忽略,就像客户端使用安全连接连接到服务器的情况一样。
If 如果给定了--server-public-key-path= is given and specifies a valid public key file, it takes precedence over file_name--get-server-public-key.--server-public-key-path=file_name并指定了一个有效的公钥文件,则它优先于--get-server-public-key。
For information about the 有关caching_sha2_password plugin, see Section 6.4.1.2, “Caching SHA-2 Pluggable Authentication”.caching_sha2_password插件的信息,请参阅第6.4.1.2节,“缓存SHA-2可插拔身份验证”。
--server-public-key-path=file_name
The path name to a file in PEM format containing a client-side copy of the public key required by the server for RSA key pair-based password exchange. PEM格式文件的路径名,该文件包含服务器基于RSA密钥对进行密码交换所需的公钥客户端副本。This option applies to clients that authenticate with the 此选项适用于使用sha256_password or caching_sha2_password authentication plugin. sha256_password或caching_sha2_password身份验证插件进行身份验证的客户端。This option is ignored for accounts that do not authenticate with one of those plugins. 对于未使用这些插件之一进行身份验证的帐户,此选项将被忽略。It is also ignored if RSA-based password exchange is not used, as is the case when the client connects to the server using a secure connection.如果不使用基于RSA的密码交换,它也会被忽略,就像客户端使用安全连接连接到服务器的情况一样。
If 如果给定了--server-public-key-path= is given and specifies a valid public key file, it takes precedence over file_name--get-server-public-key.--server-public-key-path=file_name并指定了一个有效的公钥文件,则它优先于--get-server-public-key。
This option is available only if MySQL was built using OpenSSL.仅当MySQL使用OpenSSL构建时,此选项才可用。
For information about the 有关sha256_password and caching_sha2_password plugins, see Section 6.4.1.3, “SHA-256 Pluggable Authentication”, and Section 6.4.1.2, “Caching SHA-2 Pluggable Authentication”.sha256_password和caching_sha2_password插件的信息,请参阅第6.4.1.3节,“SHA-256可插拔身份验证”和第6.4.1.2节,“缓存SHA-2可插拔身份认证”。
The path name of the Certificate Authority (CA) certificate file in PEM format. The file contains a list of trusted SSL Certificate Authorities.PEM格式的证书颁发机构(CA)证书文件的路径名。该文件包含受信任的SSL证书颁发机构列表。
To tell the client not to authenticate the server certificate when establishing an encrypted connection to the server, specify neither 要告诉客户端在建立到服务器的加密连接时不要对服务器证书进行身份验证,请既不指定--ssl-ca nor --ssl-capath. --ssl-ca也不指定--ssl-capath。The server still verifies the client according to any applicable requirements established for the client account, and it still uses any 服务器仍然根据为客户端帐户建立的任何适用要求验证客户端,并且它仍然使用服务器端指定的任何ssl_ca or ssl_capath system variable values specified on the server side.ssl_ca或ssl_capath系统变量值。
To specify the CA file for the server, set the 要为服务器指定CA文件,请设置ssl_ca system variable.ssl_ca系统变量。
The path name of the directory that contains trusted SSL certificate authority (CA) certificate files in PEM format.包含PEM格式的受信任SSL证书颁发机构(CA)证书文件的目录的路径名。
To tell the client not to authenticate the server certificate when establishing an encrypted connection to the server, specify neither 要告诉客户端在建立到服务器的加密连接时不要对服务器证书进行身份验证,请既不指定--ssl-ca nor --ssl-capath. --ssl-ca也不指定--ssl-capath。The server still verifies the client according to any applicable requirements established for the client account, and it still uses any 服务器仍然根据为客户端帐户建立的任何适用要求验证客户端,并且它仍然使用服务器端指定的任何ssl_ca or ssl_capath system variable values specified on the server side.ssl_ca或ssl_capath系统变量值。
To specify the CA directory for the server, set the 要指定服务器的CA目录,请设置ssl_capath system variable.ssl_capath系统变量。
The path name of the client SSL public key certificate file in PEM format.PEM格式的客户端SSL公钥证书文件的路径名。
To specify the server SSL public key certificate file, set the 要指定服务器SSL公钥证书文件,请设置ssl_cert system variable.ssl_cert系统变量。
The list of permissible encryption ciphers for connections that use TLS protocols up through TLSv1.2. If no cipher in the list is supported, encrypted connections that use these TLS protocols do not work.在TLSv1.2之前使用TLS协议的连接的允许加密密码列表。如果列表中不支持密码,则使用这些TLS协议的加密连接将无法工作。
For greatest portability, 为了获得最大的可移植性,cipher_list should be a list of one or more cipher names, separated by colons. Examples:cipher_list应该是一个由冒号分隔的一个或多个密码名称的列表。示例:
--ssl-cipher=AES128-SHA --ssl-cipher=DHE-RSA-AES128-GCM-SHA256:AES128-SHA
OpenSSL supports the syntax for specifying ciphers described in the OpenSSL documentation at https://www.openssl.org/docs/manmaster/man1/ciphers.html.OpenSSL支持OpenSSL文档https://www.openssl.org/docs/manmaster/man1/ciphers.html中描述的指定密码的语法。
For information about which encryption ciphers MySQL supports, see Section 6.3.2, “Encrypted Connection TLS Protocols and Ciphers”.有关MySQL支持哪些加密密码的信息,请参阅第6.3.2节,“加密连接TLS协议和密码”。
To specify the encryption ciphers for the server, set the 要为服务器指定加密密码,请设置ssl_cipher system variable.ssl_cipher系统变量。
The path name of the file containing certificate revocation lists in PEM format.包含PEM格式证书吊销列表的文件的路径名。
If neither 如果未给出--ssl-crl nor --ssl-crlpath is given, no CRL checks are performed, even if the CA path contains certificate revocation lists.--ssl-crl或--ssl-crlpath,则不会执行crl检查,即使CA路径包含证书吊销列表。
To specify the revocation-list file for the server, set the 要指定服务器的吊销列表文件,请设置ssl_crl system variable.ssl_crl系统变量。
The path name of the directory that contains certificate revocation-list files in PEM format.包含PEM格式的证书吊销列表文件的目录的路径名。
If neither 如果未给出--ssl-crl nor --ssl-crlpath is given, no CRL checks are performed, even if the CA path contains certificate revocation lists.--ssl-crl或--ssl-crlpath,则不会执行crl检查,即使CA路径包含证书吊销列表。
To specify the revocation-list directory for the server, set the 要指定服务器的吊销列表目录,请设置ssl_crlpath system variable.ssl_crlpath系统变量。
--ssl-fips-mode={OFF|ON|STRICT}
Controls whether to enable FIPS mode on the client side. 控制是否在客户端启用FIPS模式。The --ssl-fips-mode option differs from other --ssl- options in that it is not used to establish encrypted connections, but rather to affect which cryptographic operations to permit. xxx--ssl-fips-mode选项与其他--ssl-xxx选项的不同之处在于,它不用于建立加密连接,而是影响允许的加密操作。See Section 6.8, “FIPS Support”.请参阅第6.8节,“FIPS支持”。
These 这些--ssl-fips-mode values are permissible:--ssl-fips-mode值是允许的:
OFF: Disable FIPS mode.:禁用FIPS模式。
ON: Enable FIPS mode.:启用FIPS模式。
STRICT: Enable “strict” FIPS mode.:启用“严格”FIPS模式。
If the OpenSSL FIPS Object Module is not available, the only permissible value for 如果OpenSSL FIPS对象模块不可用,则--ssl-fips-mode is OFF. --ssl-fips-mode的唯一允许值为OFF。In this case, setting 在这种情况下,将--ssl-fips-mode to ON or STRICT causes the client to produce a warning at startup and to operate in non-FIPS mode.--ssl-fips-mode设置为ON或STRICT会导致客户端在启动时产生警告,并在非fips模式下运行。
To specify the FIPS mode for the server, set the 要为服务器指定FIPS模式,请设置ssl_fips_mode system variable.ssl_fips_mode系统变量。
The path name of the client SSL private key file in PEM format. For better security, use a certificate with an RSA key size of at least 2048 bits.PEM格式的客户端SSL私钥文件的路径名。为了提高安全性,请使用RSA密钥大小至少为2048位的证书。
If the key file is protected by a passphrase, the client program prompts the user for the passphrase. The password must be given interactively; it cannot be stored in a file. If the passphrase is incorrect, the program continues as if it could not read the key.如果密钥文件受密码保护,客户端程序会提示用户输入密码。密码必须以交互方式给出;它不能存储在文件中。如果密码不正确,程序将继续,就像无法读取密钥一样。
To specify the server SSL private key file, set the 要指定服务器SSL私钥文件,请设置ssl_key system variable.ssl_key系统变量。
This option specifies the desired security state of the connection to the server. These mode values are permissible, in order of increasing strictness:此选项指定与服务器连接的所需安全状态。按照严格程度的顺序,这些模式值是允许的:
DISABLED: Establish an unencrypted connection.:建立未加密的连接。
PREFERRED: Establish an encrypted connection if the server supports encrypted connections, falling back to an unencrypted connection if an encrypted connection cannot be established. :如果服务器支持加密连接,请建立加密连接;如果无法建立加密连接,则退回到未加密连接。This is the default if 如果未指定--ssl-mode is not specified.--ssl-mode,则这是默认设置。
Connections over Unix socket files are not encrypted with a mode of Unix套接字文件上的连接不是用PREFERRED. PREFERRED模式加密的。To enforce encryption for Unix socket-file connections, use a mode of 要对Unix套接字文件连接强制加密,请使用REQUIRED or stricter. REQUIRED或更严格的模式。(However, socket-file transport is secure by default, so encrypting a socket-file connection makes it no more secure and increases CPU load.)(但是,默认情况下,套接字文件传输是安全的,因此加密套接字文件连接不会使其更安全,反而会增加CPU负载。)
REQUIRED: Establish an encrypted connection if the server supports encrypted connections. The connection attempt fails if an encrypted connection cannot be established.:如果服务器支持加密连接,则建立加密连接。如果无法建立加密连接,则连接尝试失败。
VERIFY_CA: Like :与REQUIRED, but additionally verify the server Certificate Authority (CA) certificate against the configured CA certificates. The connection attempt fails if no valid matching CA certificates are found.REQUIRED一样,但还要根据配置的CA证书验证服务器证书颁发机构(CA)证书。如果找不到有效的匹配CA证书,则连接尝试失败。
VERIFY_IDENTITY: Like :类似于VERIFY_CA, but additionally perform host name identity verification by checking the host name the client uses for connecting to the server against the identity in the certificate that the server sends to the client:VERIFY_CA,但另外通过检查客户端用于连接到服务器的主机名与服务器发送给客户端的证书中的身份来执行主机名身份验证:
As of MySQL 8.0.12, if the client uses OpenSSL 1.0.2 or higher, the client checks whether the host name that it uses for connecting matches either the Subject Alternative Name value or the Common Name value in the server certificate. 从MySQL 8.0.12开始,如果客户端使用OpenSSL 1.0.2或更高版本,客户端会检查其用于连接的主机名是否与服务器证书中的Subject Alternative name值或Common name值匹配。Host name identity verification also works with certificates that specify the Common Name using wildcards.主机名身份验证也适用于使用通配符指定通用名的证书。
Otherwise, the client checks whether the host name that it uses for connecting matches the Common Name value in the server certificate.否则,客户端将检查其用于连接的主机名是否与服务器证书中的Common name值匹配。
The connection fails if there is a mismatch. For encrypted connections, this option helps prevent man-in-the-middle attacks.如果不匹配,连接将失败。对于加密连接,此选项有助于防止中间人攻击。
Host name identity verification with 使用VERIFY_IDENTITY does not work with self-signed certificates that are created automatically by the server or manually using mysql_ssl_rsa_setup (see Section 6.3.3.1, “Creating SSL and RSA Certificates and Keys using MySQL”).VERIFY_IDENTITY进行主机名身份验证不适用于服务器自动创建或使用mysql_ssl_rsa_setup手动创建的自签名证书(请参阅第6.3.3.1节,“使用mysql创建ssl和rsa证书和密钥”)。 Such self-signed certificates do not contain the server name as the Common Name value.此类自签名证书不包含服务器名称作为通用名称值。
The --ssl-mode option interacts with CA certificate options as follows:--ssl-mode选项与CA证书选项交互如下:
If 如果未明确设置--ssl-mode is not explicitly set otherwise, use of --ssl-ca or --ssl-capath implies --ssl-mode=VERIFY_CA.--ssl-mode,则使用--ssl-ca或--ssl-capath意味着--ssl-mode=VERIFY_CA。
For 对于--ssl-mode values of VERIFY_CA or VERIFY_IDENTITY, --ssl-ca or --ssl-capath is also required, to supply a CA certificate that matches the one used by the server.VERIFY_CA或VERIFY_IDENTITY的--ssl-mode值,还需要--ssl-ca或--ssl-capath,以提供与服务器使用的CA证书匹配的CA证书。
An explicit 具有--ssl-mode option with a value other than VERIFY_CA or VERIFY_IDENTITY, together with an explicit --ssl-ca or --ssl-capath option, produces a warning that no verification of the server certificate is performed, despite a CA certificate option being specified.VERIFY_CA或VERIFY_IDENTITY以外的值的显式--ssl-mode选项,以及显式--ssl-ca或--ssl-canath选项,会产生一个警告,即尽管指定了CA证书选项,但不会执行服务器证书的验证。
To require use of encrypted connections by a MySQL account, use 要要求MySQL帐户使用加密连接,请使用CREATE USER to create the account with a REQUIRE SSL clause, or use ALTER USER for an existing account to add a REQUIRE SSL clause. CREATE USER创建具有REQUIRE SSL子句的帐户,或对现有帐户使用ALTER USER添加REQUIRE SSL子句。This causes connection attempts by clients that use the account to be rejected unless MySQL supports encrypted connections and an encrypted connection can be established.这会导致使用该帐户的客户端的连接尝试被拒绝,除非MySQL支持加密连接并且可以建立加密连接。
The REQUIRE clause permits other encryption-related options, which can be used to enforce security requirements stricter than REQUIRE SSL. REQUIRE子句允许其他与加密相关的选项,这些选项可用于执行比REQUIRE SSL更严格的安全要求。For additional details about which command options may or must be specified by clients that connect using accounts configured using the various 有关使用使用各种REQUIRE options, see CREATE USER SSL/TLS Options.REQUIRE选项配置的帐户进行连接的客户端可以或必须指定哪些命令选项的更多详细信息,请参阅CREATE USER SSL/TLS选项。
--tls-ciphersuites=ciphersuite_list
This option specifies which ciphersuites the client permits for encrypted connections that use TLSv1.3. The value is a list of zero or more colon-separated ciphersuite names. For example:此选项指定客户端允许哪些密码适用于使用TLSv1.3的加密连接。该值是零个或多个冒号分隔的密码套件名称的列表。例如:
mysql --tls-ciphersuites="suite1:suite2:suite3"
The ciphersuites that can be named for this option depend on the SSL library used to compile MySQL. If this option is not set, the client permits the default set of ciphersuites. I可以为此选项命名的密码套件取决于用于编译MySQL的SSL库。如果未设置此选项,则客户端允许使用默认的密码套件集。一、f the option is set to the empty string, no ciphersuites are enabled and encrypted connections cannot be established. 如果该选项设置为空字符串,则不会启用任何密码套件,也无法建立加密连接。For more information, see Section 6.3.2, “Encrypted Connection TLS Protocols and Ciphers”.有关更多信息,请参阅第6.3.2节,“加密连接TLS协议和密码”。
This option was added in MySQL 8.0.16.此选项是在MySQL 8.0.16中添加的。
To specify which ciphersuites the server permits, set the 要指定服务器允许哪些密码套件,请设置tls_ciphersuites system variable.tls_cryptosuites系统变量。
This option specifies the TLS protocols the client permits for encrypted connections. The value is a list of one or more comma-separated protocol versions. For example:此选项指定客户端允许用于加密连接的TLS协议。该值是一个或多个逗号分隔的协议版本的列表。例如:
mysql --tls-version="TLSv1.1,TLSv1.2"
The protocols that can be named for this option depend on the SSL library used to compile MySQL. Permitted protocols should be chosen such as not to leave “holes” in the list. For example, these values do not have holes:可以为此选项命名的协议取决于用于编译MySQL的SSL库。应选择允许的协议,以免在列表中留下“漏洞”。例如,这些值没有孔:
--tls-version="TLSv1,TLSv1.1,TLSv1.2,TLSv1.3" --tls-version="TLSv1.1,TLSv1.2,TLSv1.3" --tls-version="TLSv1.2,TLSv1.3" --tls-version="TLSv1.3"
These values do have holes and should not be used:这些值确实有孔,不应使用:
--tls-version="TLSv1,TLSv1.2" --tls-version="TLSv1.1,TLSv1.3"
For details, see Section 6.3.2, “Encrypted Connection TLS Protocols and Ciphers”.有关详细信息,请参阅第6.3.2节,“加密连接TLS协议和密码”。
To specify which TLS protocols the server permits, set the 要指定服务器允许哪些TLS协议,请设置tls_version system variable.tls_version系统变量。
This section describes options that enable client programs to control use of compression for connections to the server. For additional information and examples showing how to use them, see Section 4.2.8, “Connection Compression Control”.本节介绍使客户端程序能够控制与服务器连接的压缩使用的选项。有关如何使用它们的更多信息和示例,请参阅第4.2.8节,“连接压缩控制”。
Table 4.5 Connection-Compression Option Summary连接压缩选项摘要
| --compress | 8.0.18 | ||
|---|---|---|---|
| --compression-algorithms | 8.0.18 | ||
| --zstd-compression-level | 8.0.18 |
--compress, -C
Compress all information sent between the client and the server if possible.如果可能的话,压缩客户端和服务器之间发送的所有信息。
As of MySQL 8.0.18, this option is deprecated. Expect it to be removed in a future version of MySQL. See Configuring Legacy Connection Compression.从MySQL 8.0.18开始,此选项已被弃用。预计它将在MySQL的未来版本中被删除。请参阅配置传统连接压缩。
--compression-algorithms=value
The permitted compression algorithms for connections to the server. 允许用于连接到服务器的压缩算法。The available algorithms are the same as for the 可用的算法与protocol_compression_algorithms system variable. protocol_compressionalgorithms系统变量的算法相同。The default value is 默认值为uncompressed.uncompressed(未压缩)。
This option was added in MySQL 8.0.18.此选项是在MySQL 8.0.18中添加的。
--zstd-compression-level=level
The compression level to use for connections to the server that use the 用于连接到使用zstd压缩算法的服务器的压缩级别。zstd compression algorithm. The permitted levels are from 1 to 22, with larger values indicating increasing levels of compression. 允许的级别为1到22,较大的值表示压缩级别增加。The default 默认的zstd compression level is 3. zstd压缩级别为3。The compression level setting has no effect on connections that do not use 压缩级别设置对不使用zstd compression.zstd压缩的连接没有影响。
This option was added in MySQL 8.0.18.此选项是在MySQL 8.0.18中添加的。