DB question: MySQLi encrypt connection - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Development (https://forum.codeigniter.com/forumdisplay.php?fid=6) +--- Forum: CodeIgniter 3.x (https://forum.codeigniter.com/forumdisplay.php?fid=17) +--- Thread: DB question: MySQLi encrypt connection (/showthread.php?tid=67385) |
DB question: MySQLi encrypt connection - skunkbad - 02-16-2017 I've got a server with a self signed cert. It needs to be able to make a MySQLi connection with another server, and it must be an encrypted connection. Documentation is a little weak, but my experience with the necessary array elements doesn't help either. Since I need to specify key, cert, ca, etc., does anyone have a link to a tutorial or necessary info? I'm on a fresh install of Ubuntu Server. When I set up the self signed cert, I did this: Code: sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt Not sure about anything ... Quote:‘ssl_key’ - Path to the private key fileThis is what I've got so far, but I'm not able to connect: PHP Code: $db['encrypted_connection'] = array( I just came across that cipher in another forum thread, so don't know if it should be something else or not. RE: DB question: MySQLi encrypt connection - Narf - 02-17-2017 It's a generic "SSL configuration" - hardly differs from configuring HTTPS on a web server. The OS will give you CA and CAPath defaults, so they only exist if you really need to override them. Cipher is your own choice ... And there are a lot of wrong choices, but the preferrable ones change over time, so no definitive answer. Key and Cert are just things that you have, but I've seen nginx reject them simply because of trailing spaces at EOF and stuff like that, so it's not like you can't go wrong there ... Unfortunately, it's a little too nuanced to be covered by a CI-specific manual. If you already understand SSL/TLS you'll know what to do, and if you don't - you'll screw it up even with all the info available in front of you. RE: DB question: MySQLi encrypt connection - skunkbad - 02-17-2017 (02-17-2017, 05:35 AM)Narf Wrote: It's a generic "SSL configuration" - hardly differs from configuring HTTPS on a web server. As it turns out, the remote server isn't even configured to accept the secure connection, so I was going around in circles for nothing. Try again later ... assuming they set it up. Thanks for the comments, and yes I'll probably screw it up. |