MySQL with SSL Connection

This public forum is for user-to-user discussions of PHPMaker. Note that this is not support forum.
Post Reply
totza2010
User
Posts: 107

MySQL with SSL Connection

Post by totza2010 »

I use trial version and create new project for test ssl. I use Mysql ssl, when load table it works. bus synchronizes show "Load database failed.#HY000Connections using insecure transport are prohibited --require_secure_transport=ON."

I use Encrypted Connection and use CA certificate file, Certificate file, Key file .then load database it works, my server is configured to connect via ssl only, if not set Encrypted Connection will not be able to connect. But here Encrypted Connection is set up and database and tables can be loaded. but when synchronize It says Encrypted Connection is not set. Try saving the project file and opening it again. The settings in the Encrypted Connection section will disappear.

How can I fix it?


Webmaster
User
Posts: 9425

Post by Webmaster »

Try v2023.8.0.


totza2010
User
Posts: 107

Post by totza2010 »

Using a database retrieval program and can be synced But when the generate file came out On the web page, it still pops up like it doesn't have the generation to retrieve the ssl database.

vendor\doctrine\dbal\src\Driver\API\MySQL\ExceptionConverter.php(117): An exception occurred in the driver: SQLSTATE[HY000] [3159] Connections using insecure transport are prohibited while --require_secure_transport=ON.


arbei
User
Posts: 9292

Post by arbei »

If you use pdo_mysql, you may try to use Database_Connecting server event to set the PDO SSL options, e.g.

$info["driverOptions"] = [
    \PDO::MYSQL_ATTR_SSL_CA => '...',
    \PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
    // Other options.
];

totza2010
User
Posts: 107

Post by totza2010 »

I try to Use This.

// MySQL
function Database_Connecting(&$info) {
//var_dump($info);
if (IsLocal()) { // Local (Development)
$info["ssl_ca"] = "D:\\certs\\ca.pem";
$info["ssl_cert"] = "D:\\certs\\client-cert.pem";
$info["ssl_key"] = "D:\\certs\\client-key.pem";
} else { // Production
$info["ssl_ca"] = "/my/path/ca.pem";
$info["ssl_cert"] = "/my/path/client-cert.pem";
$info["ssl_key"] = "/my/path/client-key.pem";
}
}

Not works.


arbei
User
Posts: 9292

Post by arbei »

Those settings are for mysqli, not for pdo_mysql.


totza2010
User
Posts: 107

Post by totza2010 »

function Database_Connecting(&$info) {
//var_dump($info);
$info["driverOptions"] = [
PDO::MYSQL_ATTR_SSL_CA => 'C:\\Users\\totza\\Downloads\\ca-cert.pem',
PDO::MYSQL_ATTR_SSL_CERT => 'C:\\Users\\totza\\Downloads\\client-cert.pem',
PDO::MYSQL_ATTR_SSL_KEY => 'C:\\Users\\totza\\Downloads\\client-key.pem'
];
}

error:

src\userfn.php(39): Class "PHPMaker2023\Stock2023\PDO" not found


arbei
User
Posts: 9292

Post by arbei »

  1. You may use Fully qualified name (with leading "\"), e.g. \PDO::MYSQL_ATTR_SSL_CA,
  2. Make sure the settings are valid for the web server, e.g. C:\\Users\\totza\\Downloads\\ca-cert.pem may not be valid after you upload to your production server.

totza2010
User
Posts: 107

Post by totza2010 »

The phpfn.php file in the latest template (19.8.8) saw that there was a change in the code in the function ConnectDb($info)->if ($info["driver"] == "pdo_mysql"). What is the effect of changing the code here? And still need to use the code below on the page. Database_Connecting exists?

function Database_Connecting(&$info) {
if (IsLocal()) { // Local (Development)
//var_dump($info);
$info["driverOptions"] = [
\PDO::MYSQL_ATTR_SSL_CA => 'C:\\Users\\totza\\Downloads\\ca-cert.pem',
\PDO::MYSQL_ATTR_SSL_CERT => 'C:\\Users\\totza\\Downloads\\client-cert.pem',
\PDO::MYSQL_ATTR_SSL_KEY => 'C:\\Users\\totza\\Downloads\\client-key.pem'
];
} else { // Production
//var_dump($info);
$info["driverOptions"] = [
\PDO::MYSQL_ATTR_SSL_CA => '/mysql_keys/ca.pem',
\PDO::MYSQL_ATTR_SSL_CERT => '/mysql_keys/client-cert.pem',
\PDO::MYSQL_ATTR_SSL_KEY => '/mysql_keys/client-key.pem'
];
}
}


arbei
User
Posts: 9292

Post by arbei »

You still need to provide your production settings by the server event.


Post Reply