The script below runs on a Centos server and is trying to connect to a MySQL database on another server which requires SSL parameters. The credentials used in the script work fine using and Microsoft Access DSN connection.
<?php
ini_set ('error_reporting', E_ALL);
ini_set ('display_errors', '1');
error_reporting (E_ALL|E_STRICT);
$pdo = new PDO('mysql:host=99.99.199.199;dbname=dummy1', 'user1', 'pwd1',
array(
PDO::MYSQL_ATTR_SSL_KEY =>'/etc/mysql/ssl/ck.pem',
PDO::MYSQL_ATTR_SSL_CERT=>'/etc/mysql/ssl/cc.pem',
PDO::MYSQL_ATTR_SSL_CA =>'/etc/mysql/ssl/c1.pem'
));
$statement = $pdo->query("SHOW TABLES;");
$row = $statement->fetch(PDO::FETCH_ASSOC);
echo htmlentities($row['_message']);
?>
The code above gives SSL operation failed with code 1 - here is the full message:
Fatal error: Uncaught PDOException: PDO::__construct(): SSL operation
failed with code 1. OpenSSL Error messages: error:14090086:SSL
routines:ssl3_get_server_certificate:certificate verify failed in
/var/www/vhosts/zzzzz.org/httpdocs/zzodbc/dgodbc1.php:10
Stack trace: #0 /var/www/vhosts/zzzzz.org/httpdocs/zzodbc/dgodbc1.php(10): PDO->__construct('mysql:host=99.9...', 'odbc_guil...', 'pwd1',
Array) #1 {main} Next PDOException: SQLSTATE[HY000] [2002] in
/var/www/vhosts/zzzzz.org/httpdocs/zzodbc/dgodbc1.php:10 Stack trace:
#0 /var/www/vhosts/zzzzz.org/httpdocs/zzodbc/dgodbc1.php(10): PDO->__construct('mysql:host=99.9...', 'odbc_guil...', 'pwd1',
Array) #1 {main} thrown in
/var/www/vhosts/zzzzz.org/httpdocs/zzodbc/dgodbc1.php on line 10
I have verified that the credentials, including the SSL parameters with a DSN connection. I have checked that the SSL Keys are correctly located in the /etc/mysql/ssl directory.
Any help to suggest what I'm doing wrong would be good. Thanks.
I may have been going at this in the wrong way....
Since these keys work with ODBC then I think I should be using using odbc_connect and sending the same string as I use with MS access such as
$user = "user";
$pass = "pwd";
$connection = "Driver={MySQL ODBC 5.1 Driver};Server=46.51.178.163;Database=db1;sslca=/etc/mysql/ssl/c1.pem;sslkey=/etc/mysql/ssl/ck.pem;sslcapath=/etc/mysql/ssl/;sslcert=/etc/mysql/ssl/cc.pem";
$con = odbc_connect($connection, $user, $pass);
But to get this to work I need to install a MySQL connector on the server which I'm grappling with at the moment.
I have solved this problem -thanks for all who have helped. This is what I have learned:
SSL keys are connection type specific - so I had keys that worked with ODBC and it was wrong to expect them to work with PDO
ODBC drivers ( php extensions ) need to be installed on the server - they aren't automatically present. Here is an excellent video showing how to do this.
You need command line access to the server to install the driver ( and also to upload the SSL keys to a secure location ) - they are in /etc/mysql/ssl.
I installed the driver in /usr/lib/odbc2/lib rather than in the long folder name in the video. I also installed the in the /usr tree because when I tried the locations in the video I got file not found errors. The two driver files are libmyodbc5a.so and libodbc5w.so. Only the ...5w.so file seems to be required.
Once these files are in place then you need to add an entry to odbcinst.ini in the /etc folder. I used nano so the command line nano odbcinst.ini brings up the file which had a model entry for PostgresSQL. If the server is 64 bit then these are the entries I made in odbcinst.ini:
[mysql537]
Driver64 = /usr/lib/odbc2/lib/libmyodbc5w.so
Setup64 = /usr/lib/odbc2/lib/libmyodbc5w.so
UsageCount = 1
You must have the ...64 paths otherwise the driver isn't found ( i.e Driver64 = NOT Driver= ). I made this mistake first off.
Provided the driver files are found at the paths in odbcinst.ini then things should work. (I thought I needed entries in odbc.ini but I now believe you only need something here if you are using a DSN).
the folder odbc2 was one I created inside /etc/lib which already exists. I did that to avoid any permission issues by creating a new folder.
Here is the code that works ( the connection string is exactly the same as the string used in a Microsoft Access connection ):
<?php
ini_set ('error_reporting', E_ALL);
ini_set ('display_errors', '1');
error_reporting (E_ALL|E_STRICT);
$user = "odbcmmm";
$pass = "999999999";
$connection = "Driver={mysql537};Server=99.99.199.199;Database=db_name;UID=odbc_db_name;PWD=password;sslca=/etc/mysql/ssl/c1.pem;sslkey=/etc/mysql/ssl/ck.pem;sslcapath=/etc/mysql/ssl/;sslcert=/etc/mysql/ssl/cc.pem";
$con = odbc_connect($connection, $user, $pass);
$sql="SELECT Id from stk_item";
$rs=odbc_exec($con,$sql);
if (!$rs) {
exit("Error in SQL");
}
I hope this is useful.
Related
I'm trying to setup a new local web server. Apache is already running and php is working. Mysql is installed. I can run mysql through the MySQL workbench. However, I am not able to connect to the MySQL from the php document.
First, the guides I looked at said to add the extension in php.ini. I went to php.ini-development and uncommented the line:
extension=mysqli
After restarting the server this didn't help. I also tried variations like extension=php_mysqli, and php_mysqli.dll.
I do in fact have the mysql dll on my computer. It is in:
C:\php\ext\php_mysqli.dll
My computer says the dll has not been accessed or modified since I downloaded it, so the Apache hasn't touched it at all.
Here is the code:
<?
$servername = "localhost";
$username = "root";
$password = "*************";
$conn = new mysqli($servername, $username, $password);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
?>
I get this error:
Fatal error: Uncaught Error: Class 'mysqli' not found in C:\Websites\x.php:14 Stack trace: #0 {main} thrown in C:\Websites\x.php on line 14
The MySQL is set to port 3306, and mysqli.default_port is set to 3306 in httpd.conf.
This is Windows 10. The MySQL version is 8.0.2. How can I make PHP use the mysql library/talk to MySQL?
EDIT:
Not the same as How to solve "Fatal error: Class 'MySQLi' not found"?.
I have tried the solutions there, but none of the answers worked so far.
First, be sure you're editing the "right" php.ini file. There can be several php.ini files on your system so execute this PHP code to see which php.ini is loaded in the context of your database connection script:
var_dump(php_ini_loaded_file());
Then, try to specify in this php.ini the absolute path to MySQLi DLL file like this:
extension=C:\php\ext\php_mysqli.dll
Note: Don't forget to restart Apache server after the modification of the php.ini.
I'm updating a application to stop using 'mssql_connect' to use PDO with ODBC for PHP 7.
Locally, I'm using XAMPP on Windows 8 and my application works fine. However, when I upload it to the Ubuntu server (Locaweb hosting, in Brazil) it returns the following error:
PDOException: SQLSTATE[IM002] SQLDriverConnect: 0 [unixODBC][Driver Manager]Data source name not found, and no default driver specified in /public_html/user/log-connections/connection.php:28 Stack trace: #0 /public_html/user/log-connections/connection.php(28): PDO->__construct('odbc:Driver={SQ...') #1 /public_html/user/log-connections/login.php(2): require_once('/public_html/user...') #2 {main}
The line causing the error (connection.php:28) is this one:
$pdo = new PDO("odbc:Driver={SQL Server}; Server={$servername}; Database={$dbname};", $username, $password);
I already tried using other driver names, such as "SQL Server Native Client", "FreeTDS", etc. But all returns the same error. Another thing is that the SQL Server isn't on the same server.
The solutions that I found on my research was telling me change the odbc.ini file and other files. But, I don't have access to those file on the server. Besides, on my local, I didn't change none of those files, just extended the modules to activate PDO and ODBC on the PHP.
Also, I already checked the phpInfo and the PDO and ODBC are enabled with "PDO Driver for ODBC (unixODBC)".
Anyone have experienced this kind of problem?
I'm trying to setup PHP mysqli connection to MariaDB database for two VPS servers and need to encrypt the communications due to it being over public network.
Currently I can connect from the client server to database server via commandline mysql client normally and I have checked via tcpdump that the connection is encrypted. However for some reason I can't figure out the PHP part. It's relatively basic nginx + php5-fpm + mariadb setup but mysql is working on non default port.
Debian Jessie, Php5 5.6.7, Mariadb 10.0.16, nginx 1.6.2
Here's the test script:
<?php
$DB_NAME = '';
$DB_HOST = '111.111.111.111';
$DB_USER = 'username';
$DB_PASS = 'password';
$mysqli = mysqli_init();
if (!$mysqli) {
die('mysqli_init failed');
}
//have tried witha and without the following with multiple variations
$mysqli->ssl_set(NULL, NULL, NULL,'/etc/mysql/ssl/',NULL);
if (!$mysqli->real_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME, 11111, NULL,MYSQLI_CLIENT_SSL )) {
die('Connect Error (' . mysqli_connect_errno() . ') '
. mysqli_connect_error());
}
$query = "SHOW STATUS LIKE 'ssl_cipher'";
$result = $mysqli->query($query) or die($mysqli->error.__LINE__);
if($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
print_r($row);
}
}
else {
echo 'NO RESULTS';
}
mysqli_close($mysqli);
?>
Main error I'm getting without the ssl_set:
2015/07/11 15:58:34 [error] 2857#0: *374 FastCGI sent in stderr: "PHP message: PHP Warning: mysqli::real_connect(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /srv/www/test.php on line 15
PHP message: PHP Warning: mysqli::real_connect(): Cannot connect to MySQL by using SSL in /srv/www/test.php on line 15
PHP message: PHP Warning: mysqli::real_connect(): [2002] (trying to connect via tcp://192.168.130.123:42139) in /srv/www/test.php on line 15
PHP message: PHP Warning: mysqli::real_connect(): (HY000/2002): in /srv/www/test.php on line 15".....
Any ideas would be appreciated. This is really killing me.
Maybe this problem occurs due to the changes made in PHP 5.6. I guess you are using self-signed certificates? If your DB enables peer_name validation by DEFAULT, there is no way to disable this in PHP. So when generating you certificates you have to use the right "Common Name" for each one:
CA: hostname
Server: FQND, e.g. hostname.example.com
Client: somename
The important part is the server certificate where the Common Name has to be the same as the host you are connecting to.
What it looks like is this
SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
My guess is that you don't have the correct CA set up. Some DB systems (like Amazon Web Services RDS) have their own CA file. You're using the capath argument so make sure the PEM files are in that path. If they are, the next thing I would do is switch to the third argument of ssl_set and specify the PEM file directly
$mysqli->ssl_set(NULL, NULL, '/path/to/ca.pem', NULL, NULL);
I know that I have seen this question before but have not seen an answer that has been able to fix the issue on my machine.
I'm relatively new to PHP and have no experience with Apache settings.
I am using the latest version of MAMP (not pro) with all the default settings on the latest version of OS X (10.3.3).
When I try to connect via PDO I receive the following error:
Unable to connect to the database server.exception 'PDOException' with message 'SQLSTATE[HY000] [2002] No such file or directory' in /Applications/MAMP/htdocs/resources/config.php:7 Stack trace: #0 /Applications/MAMP/htdocs/resources/config.php(7): PDO->__construct('mysql:host=loca...', 'USERNAME', 'PASSWORD') #1 /Applications/MAMP/htdocs/WEBSITE/index.php(2): include_once('/Applications/M...') #2 {main}
The connection code is from Kevin Yank's Novice to Ninja book, modified to apply to my database, username, etc.
try
{
$pdo = new PDO('mysql:host=localhost;dbname=db', $DBUser,$DBPass);
}
catch (PDOException $e)
{
$error = 'Unable to connect to the database server.' . $e;
include 'error.html.php';
exit();
}
I have tried localhost and 127.0.0.1 and get the same error regardless.
I don't see anything in Console that could help but I may not be looking for the right thing.
Any help is appreciated. Thanks
try this command in mac
ln -s /Applications/MAMP/tmp/mysql/mysql.sock /tmp/mysql.sock
This could happen if mysqld is not running (stuff happens). It could also happen if you have a configuration error.
For example, on my installation, i reproduce the error with this DSN :
mysql:unix_socket=/tmp/mysqle.sock;dbname=notifications;charset=utf8
the config calls for /tmp/mysql.sock
Check the config to see what method is configured (port or socket) and which (port or socket). If you have the wrong port or socket in your DSN, you will produce the same error report in the question.
When I run the following PHP code:
<?php
$username = "root";
$password = "allen123";
$conn = new PDO('mysql:host=localhost;dbname=test', $username, $password);
?>
I get the following error.
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] [2002] No >such file or directory' in /Users/idrisk/Colourity/site/index.php:4 Stack trace: #0 >/Users/idrisk/Colourity/site/index.php(4): PDO->__construct('mysql:host=loca...', 'root', >'allen123') #1 {main} thrown in /Users/idrisk/Colourity/site/index.php on line 4
Any ideas? I downloaded the PDO drivers via Macports by the way
EDIT
To use mysqlnd with a local MySQL server, edit /opt/local/etc/php55/php.ini and set mysql.default_socket, mysqli.default_socket and pdo_mysql.default_socket to the path
to your MySQL server's socket file.
For mysql5, use /opt/local/var/run/mysql5/mysqld.sock
For mysql51, use /opt/local/var/run/mysql51/mysqld.sock
For mysql55, use /opt/local/var/run/mysql55/mysqld.sock
For mysql56, use /opt/local/var/run/mysql56/mysqld.sock
For mariadb, use /opt/local/var/run/mariadb/mysqld.sock
For percona, use /opt/local/var/run/percona/mysqld.sock
---> Cleaning php55-mysql
---> Updating database of binaries: 100.0%
---> Scanning binaries for linking errors: 100.0%
---> No broken files found.
It looks like you have an invalid socket in your php.ini file. Change the pdo_mysql.default_socket setting to an empty string to use the default socket.