[root@izuf693wyms6h7ot360phcz cert]# cockroach cert create-ca --certs-dir=certs --ca-key=my-safe-directory/ca.key
[root@izuf693wyms6h7ot360phcz cert]# cockroach cert create-node crdb.jiushu8.com crdb.jiushu8.com --certs-dir=certs --ca-key=my-safe-directory/ca.key
[root@izuf693wyms6h7ot360phcz cert]# cockroach cert create-client root --certs-dir=certs --ca-key=my-safe-directory/ca.key
[root@izuf693wyms6h7ot360phcz cert]# cockroach cert create-client admin --certs-dir=certs --ca-key=my-safe-directory/ca.key
[root@izuf693wyms6h7ot360phcz cert]# cockroach cert create-client songbook --certs-dir=certs --ca-key=my-safe-directory/ca.key
cockroach start --certs-dir=/root/cert/certs --http-port=8089 &
cockroach sql --certs-dir=/root/cert/certs --host=crdb.jiushu8.com
root@crdb.jiushu8.com:26257/system> CREATE USER IF NOT EXISTS songbook;
CREATE USER 1
Time: 18.159248ms
root@crdb.jiushu8.com:26257/system> select * from users
-> ;
username | hashedPassword | isRole
+----------+----------------+--------+
admin | | true
root | | false
songbook | | false
(3 rows)
Time: 3.280875ms
root@crdb.jiushu8.com:26257/system> create database songbook;
CREATE DATABASE
Time: 30.820433ms
root@crdb.jiushu8.com:26257/system> grant all on database songbook to songbook;
root@crdb.jiushu8.com:26257/defaultdb> alter user songbook with password '77aaa999';
ALTER USER 1
Time: 146.931868ms
php链接cockroachDB的链接字符串:
<?php
try {
$dbh = new PDO('pgsql:host=crdb.jiushu8.com;port=26257;dbname=songbook;sslmode=require;sslrootcert=/web/devtools/website/babysong/cert/ca.crt;sslkey=/web/devtools/website/babysong/cert/client.songbook.key;sslcert=/web/devtools/website/babysong/cert/client.songbook.crt',
'songbook', '77aaa999', array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => true,
PDO::ATTR_PERSISTENT => true
));
$dbh->exec('CREATE TABLE IF NOT EXISTS drivers (
id UUID NOT NULL,
city STRING NOT NULL,
name STRING,
dl STRING UNIQUE,
address STRING,
CONSTRAINT "primary" PRIMARY KEY (city ASC, id ASC)
);');
//$dbh->exec("INSERT INTO drivers VALUES
//('c28f5c28-f5c2-4000-8000-000000000026', 'new york', 'Petee', 'ABC-1234', '101 5th Ave');");
print "Account balances:\r\n";
foreach ($dbh->query('SELECT id, city FROM drivers') as $row) {
print $row['id'] . ': ' . $row['city'] . "\r\n";
}
} catch (Exception $e) {
print $e->getMessage() . "\r\n";
exit(1);
}
另外密钥文件权限如下:
[root@izuf693wyms6h7ot360phcz cert]# ls -l
总用量 12
-rw-r--r-- 1 root root 1111 2月 29 01:20 ca.crt
-rw-r--r-- 1 root root 1107 2月 28 22:54 client.songbook.crt
-rw------- 1 apache apache 1675 2月 28 22:54 client.songbook.key
[root@izuf693wyms6h7ot360phcz cert]#
网友评论