Remote connect to MySql cloud instance with ssl and PDO

DIstvan

I have get a trial account to MySql cloud service and I would like to connect to my database instance using PDO and ssl.

The PDO has an options array and there is a possibility to set the ssl key, ssl cert and ssl ca but I cant any information where is the server certificates, or is there any way to create a secure connection within a php script?

DIstvan

So, finally I got the answer. I logged into the instance with ssh and found my certificates under the /u01/data/mysql directory. I copied to my folder and created a pdo object and made a connection successfully (ran: SHOW SESSION STATUS LIKE 'Ssl_cipher') and saw the result, the connection was secured. At first I got an error message and realized there was  a bug in the php pdo (7.0.4) so I updated it to 7.1.6 (builded a new docker image).

My script:

try
{
   $options = array(
  PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
  PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8",
  PDO::MYSQL_ATTR_SSL_KEY => '<configdir>/client-key.pem',
  PDO::MYSQL_ATTR_SSL_CERT  => <configdir>/client-cert.pem',
  PDO::MYSQL_ATTR_SSL_CA => '<configdir>/ca.pem',
  PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false
   );
   $pdo = new PDO("mysql:host=<dbhost>;port=<dbport>;dbname=<dbname>;charset=utf8", "<dbuser>", "<dbpassword>", $options);
}
catch(\PDOException $e)
{
   echo $e->getMessage();
   echo $e->getCode();
   die('Failed connecting');
}

The last attribute is important (don't verify server cert), because it will drop an error.