Home » Php » php – Error when connecting from a web server to a remote MySQL DB Server

php – Error when connecting from a web server to a remote MySQL DB Server

Posted by: admin February 25, 2020 Leave a comment

Questions:

I have been struggling to connect from a Ubuntu version 16.04 web server
(running on 1 AWS instance, with PHP 7.0.33 and Apache 2.7.18)
communicating with a data base server using MySQL 8.0.19 running on another AWS instance (running Ubuntu version 16.04).

I set up the data base server and configured it as follows:

I edit the file /etc/mysql/mysql.conf.d/mysqld.cnf

I add the following in the [mysqld] section
[mysqld]

require_secure_transport = on

I save the file and from the console issue:

sudo mysql_ssl_rsa_setup --uid=mysql

I then restart mysql with:

sudo systemctl restart mysql

I have created a data base and tables on this data base server.

I also created a remote user on this data base server as follows (IP address and user are fictitious):

CREATE USER 'Master'@'1.26.4.44' IDENTIFIED BY 'admin';

GRANT ALL PRIVILEGES ON sample_data_base.* TO ' Master'@'1.26.4.44';

FLUSH PRIVILEGES;

Exit

I successfully test the connectivity to this db server from the web server client instance:

mysql -u Master -p   -h '1.26.4.44'

However when I use the following PHP code snippet from the web server client instance
to open the connection to the data base server, I get an error (see below):

// set up for  remote DB access     
  $dbhost  = '1.26.4.44';    // Unlikely to require changing
  $dbname  = 'sample_data_base';   // Modify these...
  $dbuser  = 'Master';   // ...variables according
  $dbpass  = "admin";   // ...to your installation
  $appname = "test_app"; // ...and preference

$dbconnection = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);

   if ( !$dbconnection) 
  {
      echo "connection failed   ";
      die('Connect Error (' . mysqli_connect_errno() . ') '
        . mysqli_connect_error());
  }

The error is:

Connect Error (3159) Connections using insecure transport are prohibited while --require_secure_transport=ON

Just as an FYI, when I comment out the line on the data base server in the
file /etc/mysql/mysql.conf.d/mysqld.cnf

# require_secure_transport = on

There are no issues with the php code connection to the remote data base server.

What am I missing on the web server client side to let me connect to the remote db server from the php code?

How to&Answers:

You need extra configurations in your db setup:

$db = mysqli_init();
mysqli_options ($db, MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);

$db->ssl_set(
    '/etc/mysql/ssl/client-key.pem',
    '/etc/mysql/ssl/client-cert.pem',
    '/etc/mysql/ssl/ca-cert.pem',
    NULL,
    NULL);

$link = mysqli_real_connect(
        $db, 'ip', 'user', 'password', 'db', 3306, NULL, MYSQLI_CLIENT_SSL);

if (!$link)
{
    die ('Connect error (' . mysqli_connect_errno() . '): ' . mysqli_connect_error() . "\n");
} else {
    // your queries should be here
     $db->close();
}

Hope this can help.