从 PHP 使用 SSL 连接到远程 MySQL 服务器 [英] Connect to remote MySQL server with SSL from PHP
问题描述
我正在尝试使用 mysql_connect 从 PHP 通过 SSL 连接到远程 MySQL 服务器:
I'm trying to connect to remote MySQL server with SSL from PHP using mysql_connect:
$link = mysql_connect(
"ip",
"user",
"pass",
true,
MYSQL_CLIENT_SSL
)
并得到有史以来最严重的错误:
And get worst error ever:
SSL connection error
我在 my.cnf 中添加了以下参数:
I've added following params into my.cnf:
[client]
ssl-ca =/etc/mysql/ssl/ca-cert.pm
ssl-cert =/etc/mysql/ssl/client-cert.pem
ssl-key =/etc/mysql/ssl/client-key.pem
所以我可以使用
#mysql -h ip -u user -p
所以连接到 mysql 服务器可以正常工作,据我了解问题出在 php/mysql 合作中.可能我遗漏了一些参数.
So connection to mysql server do work and as far as I understand problem is in php/mysql cooperation. Probably I'm missing some params.
很遗憾我不能使用 mysqli lib,因为 pdo_mysql 的工作适配器太多.
Unfortunately I can't use mysqli lib because have too many working adapters for pdo_mysql.
我的 PHP 版本是 5.3.6-13ubuntu3.6MySQL 版本为 5.1.61
My PHP Version is 5.3.6-13ubuntu3.6 MySQL version is 5.1.61
我也添加了
mssql.secure_connection = On
到我的 php.ini
to my php.ini
将不胜感激!
推荐答案
很遗憾,我不能使用 mysqli lib,因为 pdo_mysql 的工作适配器太多."
"Unfortunately I can't use mysqli lib because have too many working adapters for pdo_mysql."
您正在使用旧的 MySQL 扩展(mysql_connect"),该扩展不再处于开发阶段(仅维护).由于您使用的是 PHP 5,您可能需要使用 MySQLi,MySQL改进扩展.除其他外,它具有面向对象的接口,支持准备/多语句并具有增强的调试功能.您可以在此处阅读有关转换为 MySQLi 的更多信息;有关 mysqli 类本身的更多信息此处.
You're using the old MySQL extension ("mysql_connect"), which is no longer under development (maintenance only). Since you're using PHP 5, you may want to use MySQLi, the MySQL Improved Extension. Among other things, it has an object-oriented interface, support for prepared/multiple statements and has enhanced debugging capabilities. You can read more about converting to MySQLi here; more about the mysqli class itself here.
以下是一些可以帮助您入门的示例代码:
Here is some sample code that may help you get started:
<?php
ini_set ('error_reporting', E_ALL);
ini_set ('display_errors', '1');
error_reporting (E_ALL|E_STRICT);
$db = mysqli_init();
mysqli_options ($db, MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
$db->ssl_set('/etc/mysql/ssl/client-key.pem', '/etc/mysql/ssl/client-cert.pem', '/etc/mysql/ssl/ca-cert.pem', NULL, NULL);
$link = mysqli_real_connect ($db, 'ip', 'user', 'pass', 'db', 3306, NULL, MYSQLI_CLIENT_SSL);
if (!$link)
{
die ('Connect error (' . mysqli_connect_errno() . '): ' . mysqli_connect_error() . "\n");
} else {
$res = $db->query('SHOW TABLES;');
print_r ($res);
$db->close();
}
?>
如果 PDO_MYSQL 确实是您想要的,那么您需要做这样的事情:
If PDO_MYSQL is really what you want, then you need to do something like this:
<?php
$pdo = new PDO('mysql:host=ip;dbname=db', 'user', 'pass', array(
PDO::MYSQL_ATTR_SSL_KEY =>'/etc/mysql/ssl/client-key.pem',
PDO::MYSQL_ATTR_SSL_CERT=>'/etc/mysql/ssl/client-cert.pem',
PDO::MYSQL_ATTR_SSL_CA =>'/etc/mysql/ssl/ca-cert.pem'
)
);
$statement = $pdo->query("SHOW TABLES;");
$row = $statement->fetch(PDO::FETCH_ASSOC);
echo htmlentities($row['_message']);
?>
然而,只有最新版本的 PHP 才对 PDO 提供 SSL 支持,并且在(至少)5.3.8 版中会默默忽略 SSL 选项:请参阅 错误报告.
However, only recent versions of PHP have SSL support for PDO, and SSL options are silently ignored in (at least) version 5.3.8: see the bug report.
祝你好运!
这篇关于从 PHP 使用 SSL 连接到远程 MySQL 服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!