I've got a server with a self signed cert. It needs to be able to make a MySQLi connection with another server, and it must be an encrypted connection. Documentation is a little weak, but my experience with the necessary array elements doesn't help either.
Since I need to specify key, cert, ca, etc., does anyone have a link to a tutorial or necessary info? I'm on a fresh install of Ubuntu Server.
When I set up the self signed cert, I did this:
Not sure about anything ...
I just came across that cipher in another forum thread, so don't know if it should be something else or not.
Since I need to specify key, cert, ca, etc., does anyone have a link to a tutorial or necessary info? I'm on a fresh install of Ubuntu Server.
When I set up the self signed cert, I did this:
Code:
sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crtNot sure about anything ...
Quote:‘ssl_key’ - Path to the private key fileThis is what I've got so far, but I'm not able to connect:
‘ssl_cert’ - Path to the public key certificate file
‘ssl_ca’ - Path to the certificate authority file
‘ssl_capath’ - Path to a directory containing trusted CA certificats in PEM format
‘ssl_cipher’ - List of allowed ciphers to be used for the encryption, separated by colons (‘:’)
‘ssl_verify’ - TRUE/FALSE; Whether to verify the server certificate or not (‘mysqli’ only)
PHP Code:
$db['encrypted_connection'] = array(
'dsn' => '',
'hostname' => '123.123.123.123',
'username' => 'coolName',
'password' => 'greatPassword',
'database' => 'bigDatabase',
'dbdriver' => 'mysqli',
'dbprefix' => '',
'pconnect' => FALSE,
'db_debug' => (ENVIRONMENT !== 'production'),
'cache_on' => FALSE,
'cachedir' => '',
'char_set' => 'utf8',
'dbcollat' => 'utf8_general_ci',
'swap_pre' => '',
'encrypt' => [
'ssl_key' => '/etc/apache2/ssl/apache.key',
'ssl_cert' => '/etc/apache2/ssl/apache.crt',
'ssl_ca' => NULL,
'ssl_capath' => NULL,
'ssl_cipher' => 'DHE-RSA-AES256-SHA',
'ssl_verify' => FALSE
],
'compress' => FALSE,
'stricton' => FALSE,
'failover' => array(),
'save_queries' => TRUE
);
I just came across that cipher in another forum thread, so don't know if it should be something else or not.