compiles MySQL Community version 5.5.61, which includes the SSL certificate, that is, -DWITH_SSL=bundled
, using OpenSSL v1.1.0i. Compilation is successful and can be used after compilation.
in turn, the SSL connection is added, and the certificate is generated on the machine, according to the MySQL official manual .
then modified in the configuration file of MySQL, adding some contents as follows
[client]
...
ssl-ca=/path/to/ca.pem
ssl-cert=/path/to/client-cert.pem
ssl-key=/path/to/client-key.pem
[mysqld]
...
ssl-ca=/path/to/ca.pem
ssl-cert=/path/to/server-cert.pem
ssl-key=/path/to/server-key.pem
after starting MySQL, check the status and have
mysql> SHOW VARIABLES LIKE "%ssl%";
+---------------+---------------------------------------+
| Variable_name | Value |
+---------------+---------------------------------------+
| have_openssl | YES |
| have_ssl | YES |
| ssl_ca | /path/to/ca.pem |
| ssl_capath | |
| ssl_cert | /path/to/server-cert.pem |
| ssl_cipher | |
| ssl_key | /path/to/server-key.pem |
+---------------+---------------------------------------+
7 rows in set (0.00 sec)
and
mysql> \s
--------------
./mysql Ver 14.14 Distrib 5.5.61, for Linux (i686) using EditLine wrapper
Connection id: 3
Current database:
Current user: root@localhost
SSL: Cipher in use is DHE-RSA-AES256-SHA
Current pager: stdout
Using outfile: ""
Using delimiter: ;
Server version: 5.5.61-log Source distribution
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /tmp/mysql.sock
Uptime: 1 hour 2 min 50 sec
however, you cannot log in with phpMyAdmin v4.8.2, suggesting
mysqli_real_connect (): Cannot connect to MySQL by using SSL
. In fact, after I changed the host parameter in phpMyAdmin to 127.0.0.1, in the case of using localhhost, I reported several more error messages. I found on Stack Overflow that it would be better to change to an IP address, because there is no socket socket connection.
the configuration section of phpMyAdmin is as follows
$cfg["Servers"][$i]["host"] = "127.0.0.1";
$cfg["Servers"][$i]["port"] = "3306";
$cfg["Servers"][$i]["socket"] = "/tmp/mysql.sock";
$cfg["Servers"][$i]["connect_type"] = "tcp";
$cfg["Servers"][$i]["compress"] = false;
$cfg["Servers"][$i]["auth_type"] = "cookie";
$cfg["Servers"][$i]["user"] = "root";
$cfg["Servers"][$i]["password"] = "";
$cfg["Servers"][$i]["extension"] = "mysqli";
$cfg["Servers"][$i]["AllowNoPassword"] = false;
/* Use SSL for connection to database server */
$cfg["Servers"][$i]["ssl"] = true;
$cfg["Servers"][$i]["ssl_key"] = "/path/to/server-key.pem";
$cfg["Servers"][$i]["ssl_cert"] ="/path/to/server-cert.pem";
$cfg["Servers"][$i]["ssl_ca"] = "ca.pem";
$cfg["Servers"][$i]["ssl_ca_path"] = "/path/to/";
$cfg["Servers"][$i]["ssl_ciphers"] = "DHE-RSA-AES256-SHA";
$cfg["Servers"][$i]["ssl_verify"] = true;
now it is normal to use other php programs, such as Nextcloud,. I guess maybe SSL, is not used between Nextcloud and MySQL, or is the PHP program phpMyAdmin just not connected to the SSL mode of MySQL? It can be connected to MySQL in non-SSL mode.
Why on earth can"t phpMyAdmin log in?