Welcome Guest, Not a member yet? Register   Sign In
Connection to db with certificate
#1

Hi everyone,
I developed an application with CI4 in local environment based on MariaDB, now I need to move the application to testing environment and here the connection to DB is supported with certificate.

I use .env file for the config and this is my config 
Code:
database.default.hostname = localhost
database.default.database = databasename
database.default.username = databaseuser
database.default.password = dataabasepassword
database.default.DBDriver = MySQLi
database.default.charset  = utf8
database.default.DBCollat  = utf8_general_ci
database.default.port  = 3306

database.default.encrypt  = TRUE
database.default.encrypt.ssl_key  = /etc/mysql/newcerts/CLIENT/client-key.pem
database.default.encrypt.ssl_cert = /etc/mysql/newcerts/CLIENT/client-cert.pem
database.default.encrypt.ssl_ca  = /etc/mysql/newcerts/CLIENT/ca-cert.pem
#database.default.encrypt.ssl_capath  = /etc/mysql/newcerts/CLIENT/
#database.default.encrypt.ssl_cipher  = DHE-RSA-AES256-SHA
database.default.encrypt.ssl_verify = FALSE

The problem is:"SYSTEMPATH/Database/BaseConnection.php at line 395"
throw new DatabaseException('Unable to connect to the database.');

In the same environment works java application that use the connection with certificate 
Can someone help me?

Thanks for the support!
Reply
#2
Exclamation 
(This post was last modified: 03-15-2021, 07:14 AM by yuma2020.)

(03-12-2021, 01:01 AM)nilo Wrote: Hi everyone,
I developed an application with CI4 in local environment based on MariaDB, now I need to move the application to testing environment and here the connection to DB is supported with certificate.

I use .env file for the config and this is my config 
Code:
database.default.hostname = localhost
database.default.database = databasename
database.default.username = databaseuser
database.default.password = dataabasepassword
database.default.DBDriver = MySQLi
database.default.charset  = utf8
database.default.DBCollat  = utf8_general_ci
database.default.port  = 3306

database.default.encrypt  = TRUE
database.default.encrypt.ssl_key  = /etc/mysql/newcerts/CLIENT/client-key.pem
database.default.encrypt.ssl_cert = /etc/mysql/newcerts/CLIENT/client-cert.pem
database.default.encrypt.ssl_ca  = /etc/mysql/newcerts/CLIENT/ca-cert.pem
#database.default.encrypt.ssl_capath  = /etc/mysql/newcerts/CLIENT/
#database.default.encrypt.ssl_cipher  = DHE-RSA-AES256-SHA
database.default.encrypt.ssl_verify = FALSE

The problem is:"SYSTEMPATH/Database/BaseConnection.php at line 395"
throw new DatabaseException('Unable to connect to the database.');

In the same environment works java application that use the connection with certificate 
Can someone help me?

Thanks for the support!
Hello, technically you must first try from simple php if the certificates work correctly and communication with the database, after doing the above only said there you have to check if everything is properly typed from the absolute locations in linux (recommended), once you have done all of the above you should check the status, the php version and if the php-mysql functions are actually installed according to the version that applies , a gallbladder all this should test everything and theorically if the server is well configured (environment) and the locations of the files and the so is linux you should not have problems connecting it.

But to solve you must do tests and you will need to test before taking out anticipated conspiracy conjectures.

You must think that is what you want to do and how you want to do it, all environments are different, because you have not explained to us if we are talking about an environment in local, test, production, we also do not know if it is linux or windows, you should also add an info.php, I think it is too redundant the request for help with data as basic as a configuration because all the environments are of different complexity and more if you are only a programmer and you do not have of technical knowledge of systems, but remember that there are good environments to try locally such as laragon, xampp or lamp you can also consider that you can try it in cpanel hosting and different means available or also do not know if you have Linux knowledge in production to help you or guide you how to solve the matter.
Reply
#3

(03-15-2021, 07:07 AM)yuma2020 Wrote:
(03-12-2021, 01:01 AM)nilo Wrote: Hi everyone,
I developed an application with CI4 in local environment based on MariaDB, now I need to move the application to testing environment and here the connection to DB is supported with certificate.

I use .env file for the config and this is my config 
Code:
database.default.hostname = localhost
database.default.database = databasename
database.default.username = databaseuser
database.default.password = dataabasepassword
database.default.DBDriver = MySQLi
database.default.charset  = utf8
database.default.DBCollat  = utf8_general_ci
database.default.port  = 3306

database.default.encrypt  = TRUE
database.default.encrypt.ssl_key  = /etc/mysql/newcerts/CLIENT/client-key.pem
database.default.encrypt.ssl_cert = /etc/mysql/newcerts/CLIENT/client-cert.pem
database.default.encrypt.ssl_ca  = /etc/mysql/newcerts/CLIENT/ca-cert.pem
#database.default.encrypt.ssl_capath  = /etc/mysql/newcerts/CLIENT/
#database.default.encrypt.ssl_cipher  = DHE-RSA-AES256-SHA
database.default.encrypt.ssl_verify = FALSE

The problem is:"SYSTEMPATH/Database/BaseConnection.php at line 395"
throw new DatabaseException('Unable to connect to the database.');

In the same environment works java application that use the connection with certificate 
Can someone help me?

Thanks for the support!
Hello, technically you must first try from simple php if the certificates work correctly and communication with the database, after doing the above only said there you have to check if everything is properly typed from the absolute locations in linux (recommended), once you have done all of the above you should check the status, the php version and if the php-mysql functions are actually installed according to the version that applies , a gallbladder all this should test everything and theorically if the server is well configured (environment) and the locations of the files and the so is linux you should not have problems connecting it.

But to solve you must do tests and you will need to test before taking out anticipated conspiracy conjectures.

You must think that is what you want to do and how you want to do it, all environments are different, because you have not explained to us if we are talking about an environment in local, test, production, we also do not know if it is linux or windows, you should also add an info.php, I think it is too redundant the request for help with data as basic as a configuration because all the environments are of different complexity and more if you are only a programmer and you do not have of technical knowledge of systems, but remember that there are good environments to try locally such as laragon, xampp or lamp you can also consider that you can try it in cpanel hosting and different means available or also do not know if you have Linux knowledge in production to help you or guide you how to solve the matter.

Hi Yuma,
thanx for the support , I spent a lot of time to try the solve the problem and I undestand that before the problem was about the certificate signed with localhost but the system accept 127.0.0.1
And in a moment everything works fine in development environment but in local (without certificate) the system breaks  :-(

now I think that the problem was around configuration in .env ; Ok, calm ...
in development env if I use the code in database.php I can connect to database correctly
Code:
'encrypt' => array(
                    'ssl_key' =>'/etc/mysql/newcerts/CLIENT/client-key.pem',
                    'ssl_cert' =>'/etc/mysql/newcerts/CLIENT/client-httpd.pem',
                    'ssl_ca' =>'/etc/mysql/newcerts/CLIENT/ca-cert.pem',
                    'ssl_capath' =>'/etc/mysql/newcerts/CLIENT/',
                    'ssl_cipher' => 'DHE-RSA-AES256-GCM-SHA384',
                    'ssl_verify' =>FALSE)
if I comment the code in database.php (in dev environment) and use the code in .env the system breaks.
Code:
database.default.encrypt.ssl_key = /etc/mysql/newcerts/CLIENT/client-key.pem
database.default.encrypt.ssl_cert = /etc/mysql/newcerts/CLIENT/client-cert.pem
database.default.encrypt.ssl_ca = /etc/mysql/newcerts/CLIENT/ca-cert.pem
database.default.encrypt.ssl_capath = /etc/mysql/newcerts/CLIENT/
database.default.encrypt.ssl_cipher = DHE-RSA-AES256-GCM-SHA384
database.default.encrypt.ssl_verify = FALSE

OK ... WORKAROUND IS :
put the code declared empty in database.php 
Code:
....'encrypt' => array(
                    'ssl_key' =>'',
                    'ssl_cert' =>'',
                    'ssl_ca' =>'',
                    'ssl_capath' =>'',
                    'ssl_cipher' => '',
                    'ssl_verify' =>FALSE)

and put the code in .env as before explained ... 
the system works perfectly with and without certificate , i hope that help someone .

Nilo
Reply
#4

my suggestion is to include in the codeignter 4 guide also this subtlety that I think is not there.

Nilo
Reply
Reply
#6

Code:
It is very important to always remember that environment variables contained in your .env are only replacements for existing data. This means that you cannot expect to fill your .env with all the replacements for your configurations but have nothing to receive these replacements in the related configuration file(s).
https://codeigniter4.github.io/CodeIgnit...s-for-data
Reply




Theme © iAndrew 2016 - Forum software by © MyBB