PDO无法与SSL一起使用 [英] PDO not working with SSL
问题描述
如果我运行需要SSL的代码,它将无法正常工作(拒绝用户访问),但是如果没有SSL,它将正常工作.
If I run this code requiring SSL it won't work (Access denied for user) but without SSL it works.
在服务器端可能发生什么事情以阻止此情况?显然不是密码/用户配置,并且使用SSL与服务器的另一个连接都可以正常工作,因此我知道服务器正在接受加密的连接.
What might be happening at the server end to stop this? Obviously not password/user config and another connection to the server with SSL works fine so I know the server is accepting encrypted connections.
For info I have already checked out Connect to remote MySQL server with SSL from PHP.
$dbE = new PDO(
'mysql:dbname=DB;host=IP',
USER,
PASS,
array(
PDO::MYSQL_ATTR_SSL_KEY => 'D:\ssl\mysql\client-key.pem',
PDO::MYSQL_ATTR_SSL_CERT => 'D:\ssl\mysql\client-cert.pem',
PDO::MYSQL_ATTR_SSL_CA => 'D:\ssl\mysql\ca-cert.pem'
)
);
推荐答案
经过大量调查,重建了证书并进行了重击,我发现了(ptl).问题出在(但我在任何地方都没有找到),但是必须从服务器复制到客户端的客户端证书. PDO配置中使用的路径是指向ca/cert/key的CLIENTS副本的路径,而不是服务器上的路径.我对此并不感激,我认为需要稍微清楚一点.
After a LOT of investigation, rebuilding certificates and head bashing I figured it out (ptl). The issue was (and I've not really found this anywhere) but the client certificates must be COPIED from the server to the client. The paths used in the PDO configs are paths to the CLIENTS copy of the ca/cert/key as opposed to the paths on the server. I hadn't appreciated this and I think it needed to be slightly clearer.
甚至在 http://dev上的示例. mysql.com/doc/refman/5.0/en/creating-ssl-certs.html 表示客户端密钥位于服务器上,而不是客户端.我希望这会有所帮助.
Even the example on http://dev.mysql.com/doc/refman/5.0/en/creating-ssl-certs.html implies the client keys reside on the server as opposed to the client. I hope this is helpful.
这篇关于PDO无法与SSL一起使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
