MySQL SSL connection through ADODB library

Question

I have a MySQL database hosted on a remote server and it is enabled to accept only SSL connection. When I connect to this database using Java JDBC with SSL options, it works fine. There is a special jdbc string that I use for JDBC connection as below "jdbc:mysql://:/?verifyServerCertificate=false&useSSL=true&requireSSL=true"

I need to use similar connection through PHP using the ADODB library.

I found few references over the web about using the ADODB mysqli extension

---

(reference http://mbrisby.blogspot.com/2008/06/adodb-php-mysql-ssl.html)

After creating a CA certificate (we'll say it's at /path/to/ca-cert.pem), make sure that the following item is in the [client] stanza of /etc/my.cnf or the connecting user's ~/.my.cnf on the client host:

ssl-ca=/path/to/ca-cert.pem

Then try the following PHP program:

// these are part of the AdoDB library require '/path/to/adodb-exceptions.inc.php'; require '/path/to/adodb.inc.php';

/* * I got the '2048' from running * printf( "%d\n", MYSQLI_CLIENT_SSL ) * in a PHP program (w/ the mysqli extention installed) */ $dsn = 'mysqli://ssluser:sslpass@dbhost/test?clientflags=2048';

$dbh = NewADOConnection($dsn);

$sql = "show status like 'ssl_cipher'"; $res =& $dbh->Execute($sql); print_r( $res->fields ); $res->Close();

$dbh->Close();

---

---

Do I need the certificate information if I am connecting from a different machine to this mysql database?

Is there something similar to the JDBC string available for PHP?

It would be great if someone can post a working example

Thank you

Answer 1

I have no experience connecting MySQL with SSL. MySQL driver have flags (MYSQL_CLIENT_SSL) that you can use when connecting.

To set it when connecting using AdoDB, you can try my connection template:

$options = '';
if ($driver == 'mysql' OR $driver == 'mysqli')
{
  if ($params['pconnect'] === TRUE)
  {
    $options .= '?persist';
  }
  $flags = MYSQL_CLIENT_COMPRESS;
  if ($params['ssl'] === TRUE)
  {
    $flags = $flags | MYSQL_CLIENT_SSL;
  }
  $options .= (empty($options)?'?':'&')."clientflags=$flags";
}

$dsn = "{$driver}://{$username}:{$password}@{$hostname}/{$database}{$options}";

$adodb =& ADONewConnection($dsn);

if ($adodb)
{
  //set fetch mode
  $adodb->SetFetchMode(ADODB_FETCH_BOTH);

  //character set
  if ($driver == 'mysql' OR $driver == 'mysqli')
  {
    if (isset($params['char_set']) AND $params['char_set']
        AND isset($params['dbcollat']) AND $params['dbcollat'])
    {
      $charset    = $adodb->qstr($params['char_set']);
      $collation  = $adodb->qstr($params['dbcollat']);
      $adodb->Execute("SET NAMES $charset COLLATE $collation");
    }
  }
  if ($debug)
  {
    @ob_start();
    $adodb->debug = TRUE;
  }
}