4

Hi I have possibly the oddest thing ever, or maybe its the heat today.

I am trying to connect to a mysql instance with a user that was setup with "REQUIRE SSL"

The user works fine and using mysql from the linux command line everything works as expected.

Now when I use the code bellow, with the correct real_connect() params php connects to mysql even though I have passed junk into ssl_set()

$mysqli->ssl_set('asdad', null, null, null, null);

If I set ssl_set like so, or comment the line out

$mysqli->ssl_set('', null, null, null, null);

I get an ssl error as expected.

Any ideas on why it is allowing the ssl connection with a random string for the key? The docs say this is a file location?

$mysqli = mysqli_init();

$mysqli->ssl_set('asdad', null, null, null, null);

$connected = $mysqli->real_connect('HOST',
                                   'USER',
                                   'PASSWROD',
                                   'DATABASE',
                                   3306,
                                   null,
                                   MYSQLI_CLIENT_SSL);

EDIT 1:

I have tested this on 3 sperete machines and get the same probelm. I have tested on php5.3, php5.4 and php5.5

EDIT 2:

If I remove ssl_set completely and only set MYSQLI_CLIENT_SSL it still connects. Looks like there is a default cert OR it is not validating anthing.

UPDATE 1:

So I thought that it was because this is an RDS instance and AWS say this

These certificates are signed by a certificate authority.

and therefore there was no need to set custom certs in php. However to prove this point I went back to the command line and tied

mysql -uUSER -pPASSWORD -hHOST --ssl

instead of 

mysql -uUSER -pPASSWORD -hHOST --ssl_ca=mysql-ssl-ca-cert.pem

The first command does not work the second does work. Still very confused about what is going on here.

Improve this question
3
  • I don't know that this is duplicate, but could be useful stackoverflow.com/questions/14053160/… Commented Jul 18, 2014 at 15:24
  • Thanks but I saw that post before. If I am reading it correctly they could not connect at all. I can connect with an invalid/none existant ssl cert. Which I should not be able to do. I am woundering if there is a default cert in php somehwere and it is connecting over ssl but not validating the connection. Is this possible? Commented Jul 19, 2014 at 10:30
  • Did you ever figure this out? I'm having the same exact issue right now and I can't figure it out for the life of me! Commented Aug 5, 2015 at 21:32
Related questions
5
PHP to MySQL SSL Connections
3
Connecting to MySQL via SSL using PHP
0
MySQL database SSL connection using PHP
Load 6 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.