I am getting the following error when trying to connect from my Windows box to my Linux box:
Warning: PDO::__construct(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
This is the connection code:
$dbE = new PDO(
'mysql:dbname=db_name;host=host_ip;',
'username',
'password',
array(
PDO::MYSQL_ATTR_SSL_KEY =>'client_side_path\client-key.pem',
PDO::MYSQL_ATTR_SSL_CERT =>'client_side_path\client-cert.pem',
PDO::MYSQL_ATTR_SSL_CA =>'client_side_path\ca-cert.pem'
)
);
$dbE->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo 'Connected';
Any ideas welcome.
Fixed it. The reason was because the path in Server B to the CA was incorrect. Its worth noting that to fix this I tried a connection outside of PHP directly from server A and it came up with an error "bad other signature confirmation" - I then loaded the CA cert and found it was empty. Rebooted the server, set the correct paths in both my.cnf and the server start call and all fixed. Really worth trying the mysql direct connection as it gave a very different error which was much more useful than the PDO one.
Related
I am trying to connect to my Google Cloud SQL instance using PHP PDO. If I don't enforce SSL, everything works fine. But if I enforce SQL, I am unable to connect.
I have downloaded the server certificate from my Google Cloud SQL instance, as well as the client certificate (and matching key that I created). I know they're OK, because the following line works fine from the command shell:
mysql -h[myHostIp] -uroot -p --ssl-ca=settings/server-ca.pem --ssl-cert=settings/client-cert.pem --ssl-key=settings/client-key.pem [myDatabase]
However, from the same folder in a standalone PHP file run from the command line, the following PHP code does not:
<?php
$myHostIp = '[myHostIp]';
$myDbName = 'qabtk';
$myDbUser = 'root';
$myDbPassword = '[myPassword]';
$db = new PDO("mysql:host=$myHostIp;dbname=$myDbName", $myDbUser, $myDbPassword, [
PDO::MYSQL_ATTR_INIT_COMMAND => "set names 'utf8'",
PDO::MYSQL_ATTR_SSL_KEY =>'settings/client-key.pem',
PDO::MYSQL_ATTR_SSL_CERT=>'settings/client-cert.pem',
PDO::MYSQL_ATTR_SSL_CA =>'settings/server-ca.pem',
]);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = 'show databases';
$stmt = $db->prepare($sql);
$stmt->execute([]);
$answer = $stmt->fetchObject();
$stmt->closeCursor();
var_dump($answer);
exit;
Running that code gives the following error:
Trace/BPT trap: 5
If I remove both the client key and client certificate, leaving in only the server certificate, the error changes to:
Uncaught PDOException: SQLSTATE[HY000] [1045] Access denied for user 'root'#'[client IP address]' (using password: YES)
I've tried the recommendation of adding a PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false, which doesn't make any difference.
Help please!
UPDATE 2022-04-12: I am using this on an Apple silicon Macbook Pro, both directly using MacOS, and inside a Docker container running Ubuntu 18.04. The problem has now disappeared for no apparent reason - there's been much rebooting of many of the components and I didn't track exactly when it went away. However, it requires the line PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false to work which it really shouldn't do. I believe this may be to do with the way Google sets the CN in its certificates for Cloud SQL, but I'm not certain.
I've read many questions similar to this but none of the answers have been relevant to me. I'm trying to access a SQL server using PHP. Both the SQL server and PHP are running on my Windows 10 machine. Here is my PHP code (the username and password are arbitrary):
$connection = mysqli_connect('127.0.0.1', 'hmuuser', 'password');
This causes the following error:
PHP Warning: mysqli_connect(): (HY000/2002): No connection could be made because the target machine actively refused it.
Here is my connection using MSSMS (which is successful):
EDIT:
I was able to solve my problem using this link: http://blog.citrix24.com/configure-sql-express-to-accept-remote-connections/
Using this link I enable SQL Browser, and set a static port to connect to SQL server with. However, I'm presented with a new error:
PHP Warning: mysqli_connect(): MySQL server has gone away in C:\HMUAPI\Index.php on line 7
PHP Warning: mysqli_connect(): Error while reading greeting packet. PID=9920 in C:\HMUAPI\Index.php on line 7
PHP Warning: mysqli_connect(): (HY000/2006): MySQL server has gone away in C:\HMUAPI\Index.php on line 7
My code has been changed to the following to cause this error: $connection = mysqli_connect('127.0.0.1:1434', 'hmuuser', 'password');
Add a database name
$connection = mysqli_connect('127.0.0.1', 'hmuuser', 'password','dbname');
Also here is suggest - Actively refused it" means that the host sent a reset instead of an ack when you tried to connect. It is therefore not a problem in your code. Either there is a firewall blocking the connection or the process that is hosting the service is not listening on that port. This may be because it is not running at all or because it is listening on a different port.
I guess the problem is, that you use MySQLi to connect to a MSSQL server.
You should use the correct MSSQL extension instead.
Microsoft published their SQL-Server for PHP driver on GitHub: https://github.com/Microsoft/msphpsql
Or you use the older extension which is documented in the PHP manual: http://de2.php.net/manual/en/book.mssql.php
And at least you can set up ODBC.
One of them should resolve your problem.
I am attempting to connect to a Rackspace Cloud MySQL database with PDO and SSL. My connection string is:
$dbh = new PDO($serverAddress, $username, $password, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
PDO::MYSQL_ATTR_SSL_CA =>'rackspace.pem',
PDO::MYSQL_ATTR_SSL_KEY => 'key.pem',
PDO::MYSQL_ATTR_SSL_CERT => 'cert.pem'
));
This errors out with the message "PDO::__construct(): SSL operation failed with code 1. OpenSSL Error messages:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number"
rackspace.pem is the Rackspace CA file provided here. key.pem and cert.pem are self-signed certificates (with the same FQDN as rackspace.pem). This connection works successfully without SSL.
I have enabled SSLv3 in the Apache configuration of my server (not sure if that is relevant here, as it is a PDO-calling-openssl issue).
I am able to connect to the DB instance via the mysql client. There, I see that the SSL version is TLSv1 (wondering if that is part of the issue, somehow?).
The things I have read about this error message (some examples - Error 0x1408F10B: “SSL3_GET_RECORD:wrong version number” with PayPal SDK, how to solve SSL3_GET_RECORD:wrong version number error?) are not relevant to the PDO library.
Any help or direction would be much appreciated! Thanks!
I am attempting to use PHP's PDO_DBLIB driver to connect to a remote database and am having some issues.
The database is connectable via the same environment using telnet and a SQL client. However, connecting using the following code in PHP does not work:
<?php
$conn = new PDO('dblib:dbname=TestDB;host=RemoteServer;charset=utf8', 'my_user', 'my_pass');
Running this code, whether it be from the command line or Apache, yields the following error:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] Unable to connect: Adaptive Server is unavailable or does not exist (severity 9)'
I am able to connect to the database using the same code on a different web server, which leads me to believe that it's a configuration issue. The php.ini files on the two servers look relatively the same. They each have the same PDO libraries enabled with the same options configured.
Does anyone have any idea why this could be happening?
Turns out that it was a much simpler issue than I thought. For whatever reason, the development server was not using Port 1433 as the default port in the connection and was instead using Port 4000.
I discovered this by enabling the logs in the freetds.conf file and monitoring them as I was making the request.
Also, something to note: The DBLIB extension uses a colon (:) as a separator between the host and the port instead of the comma. Unfortunately, the error that you receive when you use a comma isn't very descriptive, so hopefully someone benefits from this discovery.
Write port into freetds.conf directly for this host:
[RemoteServer]
host = RemoteServer
port = 1433
And leave php-code us is:
$conn = new PDO('dblib:dbname=TestDB;host=RemoteServer;charset=utf8', 'my_user', 'my_pass');
I am trying to connect to SQL Server 2008 (not express) with PHP 5.2.9-2 on Windows XP sp2. I can connect to the remote SQL Server fine from SQL Server Management Studio from the same machine.
My first attempt was this:
$conn = new PDO("mssql:host={$host};dbname={$db}", $user, $pass);
Which gives this error:
PHP Fatal error:
Uncaught exception 'PDOException' with message
'SQLSTATE[0100] Unable to connect: SQL Server is unavailable or does not exist.
Access denied. (severity 9)'
Second attempt (found on experts-exchange)
$conn = new PDO("odbc:Driver={SQL Server Native Client 10.0};Server={$host};Database={$db};Uid={$user};Pwd={$pass}",
$user, $pass);
This works, but I can't use PDO::lastInsertId(), which I would like to be able to:
Driver does not support this function: driver does not support lastInsertId()
Do you have any suggestions? Any help would be greatly appreciated.
i'm pretty sure that pdo with the mssql data server type requires dblib to connect. do you have dblib installed on the machine? make sure you can find ntwdblib.dll somewhere in the path on your system. i know this doesn't jive with the error message you're getting, but i'm not sure i trust the error message.
I updated ntwdblib.dll as suggested here and it now works.
Unfortunately I still can't use PDO::lastInsertId() because apparently this driver does not support it either, so it wasn't really worth the hassle. I can however use the equivalent SELECT ##IDENTITY as Id.
That you cannot use SQL Server authentication because only Windows authentication is permitted.
Check if the server is running Mixed mode authentication.
Also check if this SO question helps you.