2

If I run this code requiring SSL it won't work (Access denied for user) but without SSL it works.

What might be happening at the server end to stop this? Obviously not password/user config and another connection to the server with SSL works fine so I know the server is accepting encrypted connections.

For info I have already checked out Connect to remote MySQL server with SSL from PHP.

$dbE = new PDO(
    'mysql:dbname=DB;host=IP',
    USER,
    PASS,
    array(
        PDO::MYSQL_ATTR_SSL_KEY => 'D:\ssl\mysql\client-key.pem',
        PDO::MYSQL_ATTR_SSL_CERT => 'D:\ssl\mysql\client-cert.pem',
        PDO::MYSQL_ATTR_SSL_CA => 'D:\ssl\mysql\ca-cert.pem'
    )
);
Community
  • 1
  • 1
Ukuser32
  • 2,147
  • 2
  • 22
  • 32
  • What php version are you using? – Daan Sep 30 '14 at 13:21
  • I am currently on 5.3.8 but in the process of upgrading to the latest WAMP server to see if that improves things. Unfortunately the \\ didn't specifically help but will see if an upgrade does. – Ukuser32 Sep 30 '14 at 13:53

1 Answers1

2

After a LOT of investigation, rebuilding certificates and head bashing I figured it out (ptl). The issue was (and I've not really found this anywhere) but the client certificates must be COPIED from the server to the client. The paths used in the PDO configs are paths to the CLIENTS copy of the ca/cert/key as opposed to the paths on the server. I hadn't appreciated this and I think it needed to be slightly clearer.

Even the example on http://dev.mysql.com/doc/refman/5.0/en/creating-ssl-certs.html implies the client keys reside on the server as opposed to the client. I hope this is helpful.

Ukuser32
  • 2,147
  • 2
  • 22
  • 32