What I mean to achieve is very simple. I want to connect to an external MS SQL database from a PHP script over a secure connection. This has however proven problematic and, with three hours put in to research so far, I am at a loss.
The platform for the client is Ubuntu, which means I can not use SQLSRV.
The secure connection has been tested with different clients and it works fine.
I am currently using PDO and DBlib to connect to the database, which also works fine.
I was not able to find any method to force a secure connection. I have tried multiple other drivers, to no avail.
What are my options?
Edit: I am left with the following FreeTDS logs...
config.c:543: Got a match.
config.c:565: host = 'XXXXXXXXXX'
config.c:595: Found host entry XXXXXXXXXX.
config.c:599: IP addr is XXXXXXXXXX.
config.c:565: port = '1433'
config.c:565: encryption = 'require'
config.c:565: check certificate hostname = 'no'
config.c:629: UNRECOGNIZED option 'check certificate hostname' ... ignoring.
config.c:565: ca file = 'XXXXXXXXXX.pem'
config.c:629: UNRECOGNIZED option 'ca file' ... ignoring.
If you want to use PDO, you could set up PDO ODBC. You will need to setup the configuration files /etc/odbc.ini, /etc/odbcinst.ini and /etc/freetds/freetds.conf.
You'll also have to install unixodbc and freetds: apt-get install unixodbc tdsodbc.
You can see more info here: Connect PHP to MSSQL via PDO ODBC
EDIT: To enforce SSL in ODBC, add the Encrypt keyword and set it to true in your connection string. And setup your SQL Server to use SSL: https://support.microsoft.com/en-us/kb/316898
EDIT 2: According to the OP, adding encryption=require and check certificate hostname to freetds.config as per the following specification: http://www.freetds.org/userguide/freetdsconf.htm along with the above steps will fix the problem
Have you configured mssql_connect to use a secure connection? Look in your php.ini and verify the mssql.secure_connection parameter is set to on
[MSSQL]
mssql.secure_connection = On
Related
Apache 2.4, PHP and MySQL or MariaDB Server are all running under Windows 10. phpMyAdmin is used in this environment.
my.ini has the configuration options skip-networking and enable-named-pipe set. So there is no way to connect via network.
HeidiSQL is connecting well using this configuration using . as hostname.
What options may be used for phpMyAdmin, to make him connect? I tried '.', 'localhost', '' and null. I also tried the options of my related posts.
How is this done using mysql::real_connect in PHP itself (which phpMyAdmin uses)? I think the docu is unclear for the socket parameter.
Related on stackoverflow:
PhpMyAdmin connect protocol PIPE
MySQL: Trying to connect via Named Pipe but getting "open_basedir restriction in effect"
My configuration (edit):
For mysql 80 you need to enter following named pipe for windows
$cfg['Servers'][$i]['socket'] = '\\.\pipe\MySQL80'
you should also check the phpmyadmn manual for connection and the mysql manual for more information on named pipes
To extent the answer:
The MySQL driver will always try to use sockets(linux) or named pipes(windows), when you add localhost as host, only when it can't use Sockets/named pipes, it will try to connect via TCP/IP, so under normal circumstances you don't need the line i wrote, only if you have a different name for the socket/named pipe you need to enter the socket/named pipe at that place.
so if you don't allow TCP/IP communnications for MySQL and the named pipe can't be established the connection would fail.
I am trying to learn PostgreSQL and so installed it and phppgAdmin on my laptop.
I went to localhost/phppgadmin, logged in and I get all these errors on the front page:
I tried going troubleshooting on Google, but unfortunately there are not enough answers to this question.
Also, config.inc.php file looks like this after I altered it according to the Tutorial I followed to connect the Database to PHP:
$conf['servers'][0]['desc'] = 'PostgreSQL';
// Hostname or IP address for server. Use '' for UNIX domain socket.
// use 'localhost' for TCP/IP connection on this computer
$conf['servers'][0]['host'] = 'localhost';
// Database port on server (5432 is the PostgreSQL default)
$conf['servers'][0]['port'] = 5432;
// Database SSL mode
// Possible options: disable, allow, prefer, require
// To require SSL on older servers use option: legacy
// To ignore the SSL mode, use option: unspecified
$conf['servers'][0]['sslmode'] = 'allow';
// Change the default database only if you cannot connect to template1.
// For a PostgreSQL 8.1+ server, you can set this to 'postgres'.
$conf['servers'][0]['defaultdb'] = 'template1';
// Specify the path to the database dump utilities for this server.
// You can set these to '' if no dumper is available.
$conf['servers'][0]['pg_dump_path'] = '/usr/bin/pg_dump';
$conf['servers'][0]['pg_dumpall_path'] = 'C:\\xampp\\pgSql\\11.2\\pg_dumpall.exe';
Thank you in advance
EDIT: Is it possible to just user the original pgadmin?!
This error is because the version of phpPgAdmin you are running does not support php7. You can either downgrade your PHP version or run the code from git master, available at https://github.com/phppgadmin/phppgadmin.
I'm trying to browse a customer's Microsoft SQL server database with PHP but port 1433 is closed. Digging around I found out MSSQL can run in Dynamic Port Allocation mode, that means it will choose a random listen port at first execution, and will likely remain the same accross startup. I know I can find out the current port, but since likely is not always and I'd like to avoid searching for it again, is there any way to remotely discover the port to connect to?
From what I could understand by my searches this job is usually accomplished by SQLBrowser(.exe ?), but how to do this on Linux?
Update on the solution
While #Chris' answer was correct I was missing a simple but essential bit: on every change of odbc.ini you need to run:
odbcinst -i -s -f /etc/odbc.ini
to update system's DSN.
After that I could connect using
isql -v DSN_NAME username password
Troubleshooting
To check server instance:
tsql -H HOSTNAME_OR_IP -L
this will print server information, including instance names and port to which you should be able to connect using standard telnet or mssql client.
Given that your answer was correct, I had to do minor changes to make it work. I decided to write them here. Steps are basically the same. On Ubuntu/Debian:
apt-get install php5-sybase unixodbc tdsodbc
Edit /etc/odbcinst.ini and add driver details
[TDS]
Description = FreeTDS Driver
Driver = /usr/lib/x86_64-linux-gnu/odbc/libtdsodbc.so
Setup = /usr/lib/x86_64-linux-gnu/odbc/libtdsS.so
Edit /etc/odbc.ini and enter connection details
[SQLSRV01]
Description = SQL Server test
Driver = TDS
Trace = No
Server = SERVER_IP\INSTANCE_NAME
TDS_Version = 9.0
#Database = DataBaseName
#ReadOnly = Yes
The last two parameters are optional. Driver must match what we wrote in odbcinst.ini. The Server directive must be in that syntax (of course SERVER_IP can be an hostname too).
According to UnixODBC the next step should not be necessary, but this is what made my installation work. Run the following command (every time odbc.ini is changed)
odbcinst -i -s -f /etc/odbc.ini
After this you should be able to connect using:
isql -v SQLSRV01 nome_utente password
Or via PHP:
$db = new PDO("dblib:host=SQLSRV01;dbname=DBNAME","USERNAME","PASSWORD");
Short answer:
ODBC drivers know to contact SQL server on port 1434 to find which dynamic port is associated with a named instance. user SERVERNAME\INSTANCENAME to connect.
Long answer:
I started here which led here and here.
Eventually I found this:
If you are using mssql with multiple instances and dynamic port
allocation you can use the following:
[SQLServer2008]
Description = Production Server
Driver = TDS
Trace = No
Server = servername\instance_name
TDS_Version = 8.0
Which seems to be echoed in a similar IBM Doc:
Question
SQLServer is setup to dynamically assign ports. In the .odbc.ini file,
the Address parameter is usually set to hostname colon port number
(Address=HostName:1433), but the port may change. How should we handle
this?
Answer
For the Address parameter value, instead of entering the hostname
colon port, enter the hostname a backslash and the server instance
name.
For example, in Unix/Linux, use the IBM SQLServer Wire Protocol driver
and enter the following in the .odbc.ini file in the DSN definition
for the connection to the SQLServer data source:
Address=HostName\Server_Instance_Name
For Windows, use the ODBC Data Sources Administrator to configure a
System DSN for the data source using the IBM SQLServer Wire Protocol
driver.
Note: The parameter is Server
I'm trying to access to my Heroku Postgres database from a php code that runs locally.
pg_connect("host=myhost port=5432 dbname=mydb user=me password=*** sslmode=require options='--client_encoding=UTF8'")
works well when the code runs on Heroku, but not locally. (the value are those given by Heroku)
I get this error :
Unable to connect to PostgreSQL server: sslmode value "require"
invalid when SSL support is not compiled in
If I delete sslmode, I get this error :
Network is unreachable Is the server running on host "myhost" and
accepting TCP/IP connections on port 5432?
Does someone has a clue ? It would help a lot !
Heroku Postgres requires sslmode for external connections. You likely need to compile PHP with the --with-openssl[=dir] compile flag. See here for more information: http://www.php.net/manual/en/book.openssl.php
Can you verify your installation of PHP has openssl compiled in with it? The only way I know to check this is with a phpinfo() page and look for the --with-openssl flag.
How do I connect to a SQL Server with SSL from PHP?
Edit
I should be more elaborate on this. We have a php-mysql application. We need to save data on a SQL Server also. Initially we were using mssql_connect('server', 'db_user', 'db_pwd')
to connect to the remote SQL server. but now we need to send it over ssl.
We would like to use the existing ssl cert already on server (currently used by site on IIS as ssl cert) to make it so we can connect to SQL Server with secure connection.
What have you tried already ?
mssql_connect() should work out for you.
Since you provided no error I'm guessing: "Warning: mssql_connect(): Unable to connect to: OURSERVER.local in ...." ?
Have you set the mssql.secure_connection ini option to true?
mssql_connect can use secured connection if php is configured ...
go into the php.ini and verify the mssql.secure_connection parameter :
[MSSQL]
mssql.secure_connection = On