从 PHP 使用 SSL 连接到远程 MySQL 服务器 [英] Connect to remote MySQL server with SSL from PHP

问题描述

我正在尝试使用 mysql_connect 从 PHP 通过 SSL 连接到远程 MySQL 服务器:

I'm trying to connect to remote MySQL server with SSL from PHP using mysql_connect:

$link = mysql_connect(
    "ip",
    "user",
    "pass",
    true,
    MYSQL_CLIENT_SSL
)

并得到有史以来最严重的错误:

And get worst error ever:

SSL connection error

我在 my.cnf 中添加了以下参数:

I've added following params into my.cnf:

[client]
ssl-ca      =/etc/mysql/ssl/ca-cert.pm
ssl-cert    =/etc/mysql/ssl/client-cert.pem
ssl-key     =/etc/mysql/ssl/client-key.pem

所以我可以使用

#mysql -h ip -u user -p

所以连接到 mysql 服务器可以正常工作，据我了解问题出在 php/mysql 合作中.可能我遗漏了一些参数.

So connection to mysql server do work and as far as I understand problem is in php/mysql cooperation. Probably I'm missing some params.

很遗憾我不能使用 mysqli lib，因为 pdo_mysql 的工作适配器太多.

Unfortunately I can't use mysqli lib because have too many working adapters for pdo_mysql.

我的 PHP 版本是 5.3.6-13ubuntu3.6MySQL 版本为 5.1.61

My PHP Version is 5.3.6-13ubuntu3.6 MySQL version is 5.1.61

我也添加了

mssql.secure_connection = On

到我的 php.ini

to my php.ini

将不胜感激！

推荐答案

很遗憾，我不能使用 mysqli lib，因为 pdo_mysql 的工作适配器太多."

"Unfortunately I can't use mysqli lib because have too many working adapters for pdo_mysql."

您正在使用旧的 MySQL 扩展(mysql_connect")，该扩展不再处于开发阶段(仅维护).由于您使用的是 PHP 5，您可能需要使用 MySQLi，MySQL改进扩展.除其他外，它具有面向对象的接口，支持准备/多语句并具有增强的调试功能.您可以在此处阅读有关转换为 MySQLi 的更多信息；有关 mysqli 类本身的更多信息此处.

You're using the old MySQL extension ("mysql_connect"), which is no longer under development (maintenance only). Since you're using PHP 5, you may want to use MySQLi, the MySQL Improved Extension. Among other things, it has an object-oriented interface, support for prepared/multiple statements and has enhanced debugging capabilities. You can read more about converting to MySQLi here; more about the mysqli class itself here.

以下是一些可以帮助您入门的示例代码:

Here is some sample code that may help you get started:

<?php
ini_set ('error_reporting', E_ALL);
ini_set ('display_errors', '1');
error_reporting (E_ALL|E_STRICT);

$db = mysqli_init();
mysqli_options ($db, MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);

$db->ssl_set('/etc/mysql/ssl/client-key.pem', '/etc/mysql/ssl/client-cert.pem', '/etc/mysql/ssl/ca-cert.pem', NULL, NULL);
$link = mysqli_real_connect ($db, 'ip', 'user', 'pass', 'db', 3306, NULL, MYSQLI_CLIENT_SSL);
if (!$link)
{
    die ('Connect error (' . mysqli_connect_errno() . '): ' . mysqli_connect_error() . "\n");
} else {
    $res = $db->query('SHOW TABLES;');
    print_r ($res);
    $db->close();
}
?>

如果 PDO_MYSQL 确实是您想要的，那么您需要做这样的事情:

If PDO_MYSQL is really what you want, then you need to do something like this:

<?php
$pdo = new PDO('mysql:host=ip;dbname=db', 'user', 'pass', array(
    PDO::MYSQL_ATTR_SSL_KEY    =>'/etc/mysql/ssl/client-key.pem',
    PDO::MYSQL_ATTR_SSL_CERT=>'/etc/mysql/ssl/client-cert.pem',
    PDO::MYSQL_ATTR_SSL_CA    =>'/etc/mysql/ssl/ca-cert.pem'
    )
);
$statement = $pdo->query("SHOW TABLES;");
$row = $statement->fetch(PDO::FETCH_ASSOC);
echo htmlentities($row['_message']);
?>

然而，只有最新版本的 PHP 才对 PDO 提供 SSL 支持，并且在(至少)5.3.8 版中会默默忽略 SSL 选项:请参阅 错误报告.

However, only recent versions of PHP have SSL support for PDO, and SSL options are silently ignored in (at least) version 5.3.8: see the bug report.

祝你好运！

这篇关于从 PHP 使用 SSL 连接到远程 MySQL 服务器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！