7

Using this code I'm able to connect to mysql using zend framework normally:

resources.db.adapter = "Pdo_Mysql"
resources.db.params.host = "xx.xx.xx.xx"
resources.db.params.username = "test_user"
resources.db.params.password = "test_pass"
resources.db.params.dbname = "test_database"
resources.db.params.port="xxxx"

;parameters here for ssl connection??

In my Controller:

  public function indexAction() {
        $config = new Zend_Config_Ini('/path/to/application.ini', 'development');
        $db = Zend_Db::factory($config->resources->db);
        $sql = 'SELECT * FROM test_table';
        $result = $db->fetchAll($sql);

        echo '<pre>';
        print_r($result);
    }

Now the problem is that I want to connect to mysql using ssl, but I haven't found any documentation on how to do that.

I managed to make a connection using Navicat to the server with the help of the database admin by configuring the ssl connection as follows: enter image description here

The problem now is how to connect using php?

Improve this question

4 Answers 4

Reset to default
3

You should be able to specify driver options like this:

;PDO::MYSQL_ATTR_SSL_KEY
resources.db.params.driver_options.1010 = "/path/to/client-key.pem"
;PDO::MYSQL_ATTR_SSL_CERT
resources.db.params.driver_options.1011 = "/path/to/client-cert.pem"
;PDO::MYSQL_ATTR_SSL_CA
resources.db.params.driver_options.1012 = "/path/to/ca-cert.pem"
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

A little hacky (mostly because it's undocumented) but assuming that PDO can cope with strings instead of ints as the "constant" values this should work, +1
well thanx for the reply, but I still can't connect to mysql. It gives the following error SQLSTATE[28000] [1045] Access denied for user 'test_user'@'xx.xx.xx.xx' (using password: YES) . I still can connect using Navicat with the username, pass & the certificates and I'm able to login if I change the user. I confirmed that PHP has Openssl enabled. note: test_user is configured by the database admin to only connect using a ssl connection.
btw I got the same error when I tried DaveRandom's answer :(
@Songo Are you running PHP and Navicat from the same machine? MySQL ACLs are able to restrict users to certain IP address/hostnames.
yup from the same machine. I'm running PHP 5.3.15 could this affect anything?
2

From http://php.net/manual/en/ref.pdo-mysql.php:

SSL support is enabled using the appropriate PDO_MySQL constants, which is equivalent to calling the » MySQL C API function mysql_ssl_set(). Also, SSL cannot be enabled with PDO::setAttribute because the connection already exists. See also the MySQL documentation about » connecting to MySQL with SSL.

See also: http://php.net/manual/en/ref.pdo-mysql.php#103501

Your PHP installation will also need openssl in order for this to work correctly.

Improve this answer

5 Comments

Thanks for the reply, but I'm quite overwhelmed here :) Does that mean that I can't just add some parameters to the configuration file application.ini to get things working? maybe an option for the paths?
@Songo Apparently not - it is definitely possible within the scope of PDO_mysql for it to work, but it seems that ZF does not yet support it directly. If you can obtain the underlying PDO object then you should be able to do this by calling PDO::setAttribute() to set the options yourself, but it looks as though there is no way to get ZF to do the legwork for you.
framework.zend.com/svn/framework/standard/trunk/library/Zend/Db/… line: 130, probably you should able to specify necessary constants in application.ini
@DaveRandom I tried the code sample in the link you provided, but I still can't connect to mysql. It gives the following error SQLSTATE[28000] [1045] Access denied for user 'test_user'@'xx.xx.xx.xx' (using password: YES) . I still can connect using Navicat with the username, pass & the certificates and I'm able to login if I change the user. I confirmed that PHP has Openssl enabled. note: test_user is configured by the database admin to only connect using a ssl connection.
@DaveRandom btw I got the same error when I tried b.b3rn4d's answer :(
2

My working configuration for Zend Db (Adapter: Pdo_Mysql) over SSL:

Array
(
    [host] => XX.XX.XX.XX
    [username] => nice-user
    [password] => ************
    [dbname] => database
    [driver_options] => Array
        (
            [1010] => /path/to/client-key.pem
            [1011] => /path/to/client-cert.pem
            [1012] => /path/to/ca-cert.pem
            [1013] => 
            [1014] => DHE-RSA-AES256-SHA
        )
)

And make sure above listed certificate files are readable by Apache user ('www-data' on Debian) if your application is web based, which I assume it is.

Improve this answer

Comments

1

To connect with Zend set your application.ini like this : 

;PDO::MYSQL_ATTR_SSL_KEY = 1007
resources.db.params.driver_options.1007 = "/path/to/client-key.pem"
;PDO::MYSQL_ATTR_SSL_CERT = 1008
resources.db.params.driver_options.1008 = "/path/to/client-cert.pem"
;PDO::MYSQL_ATTR_SSL_CA = 1009
resources.db.params.driver_options.1009 = "/path/to/ca-cert.pem"
Improve this answer

1 Comment

Btw. Number in options "resources.db.params.driver_options.1009" - is actual for PHP 7, and for PHP5.6 you will need use another number like "resources.db.params.driver_options.1012". Found that nuance when switched from PHP 5.6 to PHP 7

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.