Hey All,
I am having issues getting the MySQLi extension to connect to a SSL enabled MySQL server. As soon as I specify the MYSQLI_CLIENT_SSL flag on the real_connect, it hangs forever.
The connection is being made. If I issue a SHOW PROCESSLIST on the MySQL server, I can see the user attempting to authenticate, but it never goes beyond that.
Neither one of these work:
<?php
// Instantiate object
$mysqli = new mysqli( );
//Call the init method to allow setting of options
$mysqli->init( );
$host = 'hostname.tld';
$username = 'ssluser';
$password = 'password';
$dbname = 'db';
$port = 3309;
$socket = null;
// Set a new config file, disallow LOAD LOCAL INFILE and set the timeout to 600 seconds
$mysqli->options(MYSQLI_READ_DEFAULT_FILE, '/home/user/ssl/mynew.cnf');
$mysqli->options(MYSQLI_OPT_LOCAL_INFILE, false);
$mysqli->options(MYSQLI_OPT_CONNECT_TIMEOUT, 600);
// Connect with the above options, as well as SSL
if (!$mysqli->real_connect($host,$username,$password,$dbname,$port,$socket,MYSQLI_CLIENT_SSL)) {
$mysqli->close();
exit();
}
or
<?php
/* create a connection object which is not connected */
$mysqli = new mysqli();
$mysqli->init();
$mysqli->ssl_set("/home/user/ssl/client-key.pem","/home/user/ssl/client-cert.pem","/home/user/ssl/ca-cert.pem","/home/user/ssl",null);
/* set connection options */
$mysqli->options(MYSQLI_INIT_COMMAND, "SET AUTOCOMMIT=0");
$mysqli->options(MYSQLI_OPT_CONNECT_TIMEOUT, 5);
/* connect to server */
$mysqli->real_connect('host.tld', 'ssluser', 'password','db',3309,null,MYSQLI_CLIENT_SSL);
/* Select queries return a resultset */
$mysqli->close();
?>
I can successfully connect to this same server using the mysql client with the same server that the PHP script is running on. I know the issue is not hostname resolution or certificate related.
Any help would be appreciated.