Re: Magento 2 - Mysql connection through SSL

Arndroid · ‎05-21-2018

How can we make a database user for the Magento 2 setup connect with SSL?

Can we tell Magento 2 to use the ca and client certs/keys somewhere?

This is especially important when the database is remotely accessed.

So far, I found this through searching in google and the forums:

https://www.eschrade.com/page/configuring-mysql-ssl-in-magento/

But it's a solution for Magento 1.

Thanks in advance.

zmirli_nazim · ‎05-22-2018

Then I get prompted for my password, and if I enter it, I can connect. But I need to automate this connection, and appending the password to the line above is a bad idea (and never works anyway Plex Lucky Patcher Kodi - which I also wonder about). So how can I securely connect to the client in an automated way without hardcoding a password? When I generated the certificates following the instructions at the link above I got eight .pem documents, most of which I'm not using.

Arndroid · ‎05-23-2018

The link above is meant for Magento 1 installations.

You create those pem files for the client and the server side. (4 total)

You also should've been told to create CA keys, those can be used on both sides. (2 total)

So a total of 6 seems about right, you probably just created the CA keys twice, on both the client and server, instead of copying those over.

charles _gogerly · ‎10-20-2018

Does anyone know as to which Mysql.php file is being used as the endpoint for database connectivity please out of the following files.

./vendor/magento/framework/Model/ResourceModel/Type/Db/Pdo/Mysql.php
./vendor/magento/framework/DB/Statement/Pdo/Mysql.php
./vendor/magento/framework/DB/Adapter/Pdo/Mysql.php
./vendor/magento/magento2-base/dev/tests/integration/framework/Magento/TestFramework/Db/Adapter/Mysql.php
./vendor/magento/magento2-base/dev/tests/integration/framework/Magento/TestFramework/Db/Mysql.php
./vendor/magento/zendframework1/library/Zend/Db/Adapter/Pdo/Mysql.php
./vendor/zendframework/zend-db/src/Sql/Platform/Mysql/Mysql.php
./vendor/zendframework/zend-db/src/Adapter/Platform/Mysql.php
./dev/tests/integration/framework/Magento/TestFramework/Db/Adapter/Mysql.php
./dev/tests/integration/framework/Magento/TestFramework/Db/Mysql.php

charles _gogerly · ‎11-08-2018

After breaking my head over it, found a way to do it, I run it on Amazon RDS.

All you have to do is

edit /app/etc/env.php

and add driver options to the env file for your data base.

edit lines 17/18 to depict the following

'active' => '1',
'driver_options' => array(PDO::MYSQL_ATTR_SSL_CA => '/certlocation/cetificate.pem',)

There are more attributes that you can use please google it depending on your database situation

For example

(PDO::MYSQL_XXX_SSLXXX => 'pathtothefile',)

Good luck!

chris_camm · ‎01-21-2019

I added the two line and can access the database and Magento starts however I still have the following errors in my update.log

setup-cron.ERROR: SQLSTATE[HY000] [9002] SSL connection is required. Please specify SSL options and retry.

Also when I try to run:

php app/magento setup:update

I get

SQLSTATE[HY000] [9002] SSL connection is required. Please specify SSL options and retry.

If I turn off SSL on the database it works.

robertschmidt · ‎06-19-2019

Did anyone managed to configure the env.php file in magento so that an SSL connection is properly made?

Mukesh Tiwari · ‎08-23-2023

You may use the SSL connection to database by adding following settings in the app/etc/env.php

'persistent' => null,
    'driver_options' => [
        1014 => true,
        1009 => '/etc/ssl/CA.crt.pem'
    ]
],

You should have a valid SSL certificate to connect to MySQL server.

Also refer : https://github.com/magento/magento2/issues/13561

---
Problem Solved Click Accept as Solution!:Magento Community India Forum