Skip to end of metadataGo to start of metadata![Generate Remote Access Key Cpanel Generate Remote Access Key Cpanel](/uploads/1/2/5/8/125869899/343951512.png)
![Key Key](https://images.kualo.com/kbimages/whm11-management/whm-mgt-10-remotekey/frame4_1.png)
An access hash is a way for a program to access a server without having to use the root password. This hash is used for several things in the cPanel system, most notably setting up DNS Clusters. To create this hash you can visit WHM Remote Access Key.
For cPanel & WHM version 68
(WHM >> Home >> Clusters >> Remote Access Key)
Overview
Warning:
- We deprecated this interface in cPanel & WHM version 64. We strongly suggest that you use WHM's Manage API Tokens interface (WHM >> Home >> Development >> Manage API Tokens).
- This interface only appears if you enable the Allow deprecated WHM accesshash authentication setting in the Security section of WHM's Tweak Settings interface (WHM >> Home >> Server Configuration >> Tweak Settings).
- To convert your access hash to an API token, use the
/usr/local/cpanel/scripts/convert_accesshash_to_token
script.
You can use this feature to generate an access key, which is also known as an access hash. You can use this access key for automatic account creation scripts, external billing software, and to allow servers in your DNS or configuration clusters to exchange records.
![Generate Remote Access Key Cpanel Generate Remote Access Key Cpanel](/uploads/1/2/5/8/125869899/343951512.png)
Generate a new access key
To generate a new access key, perform the following steps:
- Click Generate New Key.
- Copy and paste the new access key to the appropriate file or location on the remote server(s) that need to communicate with your web server.
- To configure a DNS server cluster, read our DNS Cluster documentation.
- To configure a configuration cluster, read our Configuration Cluster documentation.
Note:
You can view the access hash via the command line in the
/root/.accesshash
file.![Key Key](https://images.kualo.com/kbimages/whm11-management/whm-mgt-10-remotekey/frame4_1.png)
Access Key Signature
The Access Key Signature includes the first 32 characters of the remote access key, separated by colons (
:
).You can use this signature to quickly check whether you used the correct access key in interfaces that display the key in a shortened format.
Additional documentation
Content by labelThere is no content with the specified labels
Content by labelThere is no content with the specified labels
Content by labelThere is no content with the specified labels
Table of Contents
- Overview
- Configure MySQL SSL connections
- Create the directory to store the SSL keys.
- Create the SSL keys.
- Edit the MySQL configuration.
- Test the SSL configuration.
- Create a user and allow remote access.
- Test the remote MySQL connection.
Table of Contents
- Overview
- Configure MySQL SSL connections
- Create the directory to store the SSL keys.
- Create the SSL keys.
- Edit the MySQL configuration.
- Test the SSL configuration.
- Create a user and allow remote access.
- Test the remote MySQL connection.
How to Configure MySQL SSL Connections
Valid for versions 88 through the latest version
Last modified: April 14, 2020
Overview
This document describes how to configure your server to use SSL for MySQL® database connections. After you secure your MySQL connections, malicious users cannot intercept your MySQL traffic.
You must possess
root
access to the client and host servers to complete this tutorial. Configure MySQL SSL connections
Create the directory to store the SSL keys.
To create the directory that will contain the SSL keys, perform the following steps:
- Log in to your server via SSH. For more information, read our SSH Access documentation.
- Create an SSL key storage directory that MySQL can access. For example, create the
mkdir /mysql_keys
command to create amysql_keys
directory.
Create the SSL keys.
In the following examples,
/mysql_keys
represents the key storage directory. To create the SSL keys, perform the following steps:
- Run the following commands to create the Certificate Authority (CA) keys:
- Run the following commands to create the server SSL key and certificate:
- Run the following commands to create the client SSL key and certificate:
Hostgator Cpanel Access
Edit the MySQL configuration.
To edit the MySQL configuration, perform the following steps:
- Open the
/etc/my.cnf
file with your preferred text editor. - Insert the following lines in the
[mysql]
section of themy.cnf
file: - Insert the following lines in the
[client]
section of themy.cnf
file:If theYour updated[client]
section does not exist, you must add a[client]
section.my.cnf
file should resemble the following example:- The
ssl-mode=REQUIRED
setting will create an encrypted connection if the server supports encrypted connections. If the server cannot create an encrypted connection, the connection will fail. For more information about additional options for thessl-mode
setting, read MySQL’s ssl-mode documentation. - MySQL introduced the
ssl-mode
setting in MySQL 5.7. If you run MySQL 5.6 or older, replacessl-mode=REQUIRED
withssl
.
- Save your changes to the
/etc/my.cnf
file and exit your text editor. - Run the following command to update the file permissions of the
/mysql_keys
directory and its files: - Run the
/scripts/restartsrv_mysql
script to restart MySQL.
Test the SSL configuration.
To test the SSL configuration, perform the following steps:
- To view MySQL’s active SSL configuration, run the following command:The output will resemble the following example:
- To check a local connection to MySQL, run the following command, where example represents the cPanel account username:
- When the system prompts you, enter the MySQL user account password.
- After you connect, run the
status
command. The output will resemble the following example:
Create a user and allow remote access.
This step is optional.
To create a user and allow remote access, perform the following steps:
- Navigate to cPanel’s MySQL Databases interface (cPanel >> Home >> Databases >> MySQL Databases) and create your database user.
- Add the remote server’s IP address to WHM’s Remote MySQL interface (cPanel >> Home >> Databases >> Remote MySQL).
- On the remote MySQL server, create an SSL key storage directory that MySQL can access. For example, use the
mkdir /mysql_keys
command to create amysql_keys
directory.You can skip this step if you have already created the/mysql_keys
directory on the remote MySQL server. - Copy the client SSL certificate to the remote MySQL server’s
/mysql
directory. - On the remote MySQL server, open the
/etc/my.cnf
file with your preferred text editor. - Insert the following lines in the
[client]
section of themy.cnf
file:If theYour updated /[client]
section does not exist, you must add the section.etc/my.cnf
file should resemble the following example:- The
ssl-mode=REQUIRED
setting will create an encrypted connection if the server supports encrypted connections. If the server cannot create an encrypted connection, the connection will fail. For more information about additional options for thessl-mode
setting, read MySQL’s ssl-mode documentation. - MySQL introduced the
ssl-mode
setting in MySQL 5.7. If you run MySQL 5.6 or older, replacessl-mode=REQUIRED
withssl
.
- Save your changes to the
/etc/my.cnf
file and exit your text editor. - Run the following command to update the permissions for the
/mysql_keys
directory and its files: - Restart the MySQL server.
If the remote MySQL server runs cPanel & WHM, use the
/scripts/restartsrv_mysql
script to restart MySQL. Test the remote MySQL connection.
To test the remote MySQL connection, perform the following steps:
- Log in to the remote MySQL server via SSH. For more information, read our SSH Access documentation.
- Use theThe
mysql
command to remotely connect to the MySQL server. The following example uses the IP address192.168.0.1
for the destination MySQL server andexample
for the MySQL user:mysql
command will connect you to the remote MySQL server and request the MySQL user password. - After you connect to the remote MySQL server, enter the
status
command. The output will resemble the following example: