Edit report at https://bugs.php.net/bug.php?id=55385&edit=1
ID: 55385
Updated by: paj...@php.net
Reported by: fuxa_kos at unihost dot cz
Summary: mysqlnd doesn't connect using ssl
-Status: Open
+Status: Feedback
Type: Bug
Package: MySQL related
Operating System: Linux
PHP Version: 5.3.6
Block user comment: N
Private report: N
New Comment:
What Andrey is asking is a wireshark dump of the network traffic between php
and
mysql while your script is trying to connect.
Previous Comments:
------------------------------------------------------------------------
[2011-10-19 13:30:49] fuxa_kos at unihost dot cz
In my case it is connect via TCP (to other box), not thru socket.
------------------------------------------------------------------------
[2011-10-19 12:09:08] dnsdns at gmail dot com
I know its not connecting with SSL, because I put a restriction on the user in
MySQL.
It connects fine if PHP is not compiled with mysqlnd. If it is compiled with
that the
sample code I provided only works if I drop the SSL restriction from MySQL
(thats why
I get access denied).
Will try to get a packet dump, but it takes time.
I have reproduced this behaviour on Gentoo (trying to connect to MySQL 5.1.59
on
the
same box but connecting with ip) and SLES11 (using MySQL client 5.0.67
connecting to
another computer having 5.1) also.
------------------------------------------------------------------------
[2011-10-18 18:56:14] and...@php.net
Hi, can you provide a packet dump from the wire. mysqlnd + ssl doesn't work for
localhost (unix socket) because of the limitations the PHP Streams impose on
mysqlnd, but here the case seems to be different?
------------------------------------------------------------------------
[2011-10-03 20:43:52] dnsdns at gmail dot com
I forgot to mention that PHP was compiled with openssl support so mysqlnd could
have used it to connect.
There was no error about the connection, just the access denied coming from
mysql
5.1.
------------------------------------------------------------------------
[2011-10-03 20:34:26] dnsdns at gmail dot com
Using PDO Mysql compiled with mysqlnd it doesnt work, if I recompile it with
libmysql the same code works.
It seems mysqlnd doesnt use the supplied keys and doesnt initiate ssl.
I am using PHP 5.3.8
$DB = new PDO("mysql:host=hostname;dbname=ssltest", 'test','mypass', array(
PDO::MYSQL_ATTR_SSL_KEY => '/path/client-key.pem',
PDO::MYSQL_ATTR_SSL_CERT => '/path/client-cert.pem',
PDO::MYSQL_ATTR_SSL_CA => '/path/cacert.pem'
));
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=55385
--
Edit this bug report at https://bugs.php.net/bug.php?id=55385&edit=1
