how to connect to mysql that uses ssl from PHP

another 1 · 04-13-2009, 10:24 AM

hi. i am trying to connect to mysql using PHP. it worked fine when there was no ssl. but i don't know how to connect to an account that require ssl.
that account set as follow
GRANT SELECT, INSERT ON *.* TO 'khalid'@'192.168.0.2' REQUIRE SSL;
i could connect from the terminal. but i don't know how from the php when the account uses ssl.

Robhogg · 04-13-2009, 11:18 AM

Are you trying to:

Use PHP to connect to a database running on another machine, from 192.168.0.2; or
Connect to a LAMP server from a client machine with IP address 192.168.0.2, over SSL?

If 1 is the case, mysql_connect can take "client flags" as an optional attribute, one of which is MYSQL_CLIENT_SSL. If 2 is the case, on the other hand, and the PHP scripts are on the same machine as the MySQL server, then the problem is that PHP is connecting from localhost, not from the IP of the client machine, so your GRANT statement would need to allow this. You could enforce the use of SSL by checking the value of $_SERVER['HTTPS'] in the script, and redirect the client if an attempt is made to access the page over plain HTTP.

another 1 · 04-21-2009, 08:03 AM

thank you very much. i found two ways. either using stunnel and this is the easiest way.
the problem that the PHP and the mysql documentations are horrible.
It seem that you are an expert in the security parts. i am now trying to configure the apache server to block some people and allow other based on their certificates. hope that you are not very busy to answer my questions.