4.6.8 mysql_migrate_keyring — Keyring Key Migration Utility钥匙圈密钥迁移实用程序

The mysql_migrate_keyring utility migrates keys between one keyring component and another. It supports offline and online migrations.mysql_migrate_keyring实用程序可以在一个密钥环组件和另一个组件之间迁移密钥。它支持离线和在线迁移。

Invoke mysql_migrate_keyring like this (enter the command on a single line):像这样调用mysql_migrate_keyring(在一行中输入命令):

mysql_migrate_keyring
  --component-dir=dir_name
  --source-keyring=name
  --destination-keyring=name
  [other options]

For information about key migrations and instructions describing how to perform them using mysql_migrate_keyring and other methods, see Section 6.4.4.13, “Migrating Keys Between Keyring Keystores”.有关密钥迁移的信息以及描述如何使用mysql_migrate_keyring和其他方法执行密钥迁移的说明,请参阅第6.4.4.13节,“在密钥库之间迁移密钥”

mysql_migrate_keyring supports the following options, which can be specified on the command line or in the [mysql_migrate_keyring] group of an option file. mysql_migrate_keyring支持以下选项,可以在命令行或选项文件的[mysql_migrate_ keyring]组中指定。For information about option files used by MySQL programs, see Section 4.2.2.2, “Using Option Files”.有关MySQL程序使用的选项文件的信息,请参阅第4.2.2.2节,“使用选项文件”

Table 4.21 mysql_migrate_keyring Options选项

Option Name选项名称Description描述
--component-dirDirectory for keyring components钥匙圈组件目录
--defaults-extra-fileRead named option file in addition to usual option files除了常规选项文件外,还读取命名选项文件
--defaults-fileRead only named option file只读命名选项文件
--defaults-group-suffixOption group suffix value选项组后缀值
--destination-keyringDestination keyring component name目标密钥环组件名称
--destination-keyring-configuration-dirDestination keyring component configuration directory目标密钥环组件配置目录
--get-server-public-keyRequest RSA public key from server从服务器请求RSA公钥
--helpDisplay help message and exit显示帮助消息并退出
--hostHost on which MySQL server is locatedMySQL服务器所在的主机
--login-pathRead login path options from .mylogin.cnf.mylogin.cnf读取登录路径选项
--no-defaultsRead no option files不读取选项文件
--online-migrationMigration source is an active server迁移源是活动服务器
--passwordPassword to use when connecting to server连接到服务器时使用的密码
--portTCP/IP port number for connection用于连接的TCP/IP端口号
--print-defaultsPrint default options打印默认选项
--server-public-key-pathPath name to file containing RSA public key包含RSA公钥的文件的路径名
--socketUnix socket file or Windows named pipe to use要使用的Unix套接字文件或Windows命名管道
--source-keyringSource keyring component name源密钥环组件名称
--source-keyring-configuration-dirSource keyring component configuration directory源密钥环组件配置目录
--ssl-caFile that contains list of trusted SSL Certificate Authorities包含受信任SSL证书颁发机构列表的文件
--ssl-capathDirectory that contains trusted SSL Certificate Authority certificate files包含受信任的SSL证书颁发机构证书文件的目录
--ssl-certFile that contains X.509 certificate包含X.509证书的文件
--ssl-cipherPermissible ciphers for connection encryption连接加密的允许密码
--ssl-crlFile that contains certificate revocation lists包含证书吊销列表的文件
--ssl-crlpathDirectory that contains certificate revocation-list files包含证书吊销列表文件的目录
--ssl-fips-modeWhether to enable FIPS mode on client side是否在客户端启用FIPS模式
--ssl-keyFile that contains X.509 key包含X.509密钥的文件
--ssl-modeDesired security state of connection to server与服务器连接的所需安全状态
--tls-ciphersuitesPermissible TLSv1.3 ciphersuites for encrypted connections加密连接允许的TLSv1.3密码套件
--tls-versionPermissible TLS protocols for encrypted connections加密连接的允许TLS协议
--userMySQL user name to use when connecting to server连接到服务器时使用的MySQL用户名
--verboseVerbose mode详细模式
--versionDisplay version information and exit显示版本信息并退出