CodeIgniter Forums
Encrypt parameters in databases.php / what for? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Best Practices (https://forum.codeigniter.com/forumdisplay.php?fid=12)
+--- Thread: Encrypt parameters in databases.php / what for? (/showthread.php?tid=67623)



Encrypt parameters in databases.php / what for? - Gtya - 03-16-2017

hello,

can someone give me clear explanation of the usage of these parameters in database.php

['encrypt']  Whether or not to use an encrypted connection.
|
| 'mysql' (deprecated), 'sqlsrv' and 'pdo/sqlsrv' drivers accept TRUE/FALSE
| 'mysqli' and 'pdo/mysql' drivers accept an array with the following options:
|
| 'ssl_key'    - Path to the private key file
| 'ssl_cert'   - Path to the public key certificate file
| 'ssl_ca'     - Path to the certificate authority file
| 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format
| 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':')
| 'ssl_verify' - TRUE/FALSE; Whether verify the server certificate or not ('mysqli' only)
|

i was thinking of using a kind of 1and1 hosting so it means that my http server will connect to a xyz.db.1and1.com servers using the credentials provided upper in the databases.php

from my understanding it would be cool to be sure that the connection between http server and database server is encrypted, but it is for this usage that these options are defined? what are the configuration needed to?

+ does it means that i need a "ssl" option and paying for a certificate + validation, etc. ?

or so does it means that if i want to have this kind of (small) security on such points i should go with a complete server hosting both http server and so the mysql instance?

thank you for any advice Smile