On 9/19/2012 1:27 PM, Marc Delisle wrote:
Le 2012-09-19 13:10, Isaac Bennetch a écrit :
Hi,
While there is a configuration directive ($cfg['Servers'][$i]['ssl']) to
use an SSL connection for connecting to the MySQL server[1], it doesn't
seem to work. PHP requires a number of extra variables when initiating
an SSL connection (certificate path, key file, etc). I think I've fixed
up the existing code, but I don't have an ssl-enabled mysql install.
Yeah, I'll probably eventually compile my own, but right now I don't
have time for that.
Is anyone in a position to test my branch?
https://github.com/ibennetch/phpmyadmin.git in the ssl branch or
https://github.com/ibennetch/phpmyadmin/zipball/ssl -- you'll want to
refer to Documentation.html for the appropriate configuration options.
Thanks
1 - not from the client to phpMyAdmin, that is ForceSSL and beyond the
scope of what I'm talking about)
Hi Isaac,
any particular MySQL version suggested for this test?
No, any MySQL (or variant such as MariaDB) that has ssl support compiled
in should be valid for testing purposes. I'm sure I'll get around to
compiling my own eventually, but hoped for a quick test in the meantime
to see if I'm on the right track. Seems to me the groundwork was laid
previously and there are just a few additional options that need to be
configured...and, while we're discussing it on the list, making this
feature work will require adding a few configuration options. Is that
going to be acceptable?
Currently, we've already got $cfg['Servers'][$i]['ssl'] and my branch
adds:
$cfg['Servers'][$i]['ssl_key']
$cfg['Servers'][$i]['ssl_cert']
$cfg['Servers'][$i]['ssl_ca']
$cfg['Servers'][$i]['ssl_ca_path']
$cfg['Servers'][$i]['ssl_ciphers']
Which are all sort of explained in the PHP manual
http://www.php.net/manual/en/mysqli.ssl-set.php ...anyone who has the
wherewithal to enable only ssl connections probably knows where each of
those items resides on their file system.
Regards,
~isaac