I may be barking up the wrong tree... However, what I have is a MySQL server that accepts connections only from a client with a valid SSL cert (see this link). This works great for example with Rails. I have my database on one server, and a Rails app that connects using the client certificate. Maybe not the fastest, but it works.
The configuration in database.yml looks something like this:
sslkey: /path/to/client-key.pem
sslcert: /path/to/client-cert.pem
sslca: /path/to/ca-cert.pem
The problem is that I'd like to host phpMyAdmin on the same server as the Rails app. I think that phpMyAdmin is simply more limited in its connection options because I can't seem to find a way for it to use a client certificate to connect. But what I found odd was that Googling for answers didn't turn up much on this subject (which makes me wonder if I'm taking the wrong approach to this).
Obviously, I can easily set up phpMyAdmin itself to be hosted behind an SSL certificate (which will encrypt requests between the client browser and my phpMyAdmin server) but I want the phpMyAdmin <-> db connection to be encrypted as well.
Is this possible? Is this a bad design choice? Are there better ways to do this?
Thanks,
-
in your
config.inc.phpadd this line after applicable server stuff:$cfg['Servers'][$i]['ssl']=true;Assuming your php and its mysql client is configured with SSL in mind this should work.
Eran Galperin : Nice, didn't know that :)Zoredache : While this does seem to enable SSL, it doesn't seem to do anything for certificate-based authentication.smazurov : are you sure that you can do SSL connection through PHP? Keep in mind that my.cnf used by CL mysql might not be the same used by PHP. I would recommend writing a quick test script with forced encryption to make sure its working.
0 comments:
Post a Comment