Forum Stats

  • 3,875,605 Users
  • 2,266,952 Discussions
  • 7,912,268 Comments

Discussions

Remote connect to MySql cloud instance with ssl and PDO

DIstvan
DIstvan Member Posts: 4
edited Jul 2, 2017 9:21AM in PHP

I have get a trial account to MySql cloud service and I would like to connect to my database instance using PDO and ssl.

The PDO has an options array and there is a possibility to set the ssl key, ssl cert and ssl ca but I cant any information where is the server certificates, or is there any way to create a secure connection within a php script?

Answers

  • DIstvan
    DIstvan Member Posts: 4
    edited Jul 2, 2017 9:21AM

    So, finally I got the answer. I logged into the instance with ssh and found my certificates under the /u01/data/mysql directory. I copied to my folder and created a pdo object and made a connection successfully (ran: SHOW SESSION STATUS LIKE 'Ssl_cipher') and saw the result, the connection was secured. At first I got an error message and realized there was  a bug in the php pdo (7.0.4) so I updated it to 7.1.6 (builded a new docker image).

    My script:

    try
    {
       $options = array(
      PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
      PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8",
      PDO::MYSQL_ATTR_SSL_KEY => '<configdir>/client-key.pem',
      PDO::MYSQL_ATTR_SSL_CERT  => <configdir>/client-cert.pem',
      PDO::MYSQL_ATTR_SSL_CA => '<configdir>/ca.pem',
      PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false
       );
       $pdo = new PDO("mysql:host=<dbhost>;port=<dbport>;dbname=<dbname>;charset=utf8", "<dbuser>", "<dbpassword>", $options);
    }
    catch(\PDOException $e)
    {
       echo $e->getMessage();
       echo $e->getCode();
       die('Failed connecting');
    }

    The last attribute is important (don't verify server cert), because it will drop an error.

This discussion has been closed.