MySQL connectors doesn't support SSL
Reported by Jonas | April 7th, 2010 @ 04:01 PM | in Future
Today, at WebGoal, we
had to setup a secure connection to a MySQL server.
As the CakePHP's MySql connectors doesn't support SSL, we created a
new subclass (attached) that overwrites the connect
method.
After that, we added the following keys to our database config:
'flags' => MYSQL_CLIENT_SSL,
'ssl' => array(
'server-key' => '../config/mysql_ssl_herbertt/server-key.pem',
'server-cert' => '../config/mysql_ssl_herbertt/server-cert.pem',
'ca-cert' => '../config/mysql_ssl_herbertt/ca-cert.pem'
)
I suggest you to incorporate this functionality into the CakePHP's MySQL connectors, DboMysql and DboMysqli.
Comments and changes to this ticket
-
Jonas April 7th, 2010 @ 07:20 PM
- → Tag changed from “mysql database ssl security” to “database, mysql, security, ssl”
-
Mark Story April 7th, 2010 @ 10:44 PM
- → Tag changed from “database, mysql, security, ssl” to “database, enhancement, mysql, security, ssl”
- → Milestone set to “1.3.0”
-
Jonas April 12th, 2010 @ 01:20 PM
We changed the connector so the ssl conf in database.php is optional.
-
-
Jonas April 16th, 2010 @ 01:24 PM
We've made some changes to the MySQL driver in order to make it more clear.
Also, now the settings in database.php are:
'flags' => MYSQL_CLIENT_SSL, 'ssl' => array( 'key' => '/var/www/conlicitacao-controle/replicacao/app/config/mysql_ssl_herbertt/server-key.pem', 'cert' => '/var/www/conlicitacao-controle/replicacao/app/config/mysql_ssl_herbertt/server-cert.pem', 'ca' => '/var/www/conlicitacao-controle/replicacao/app/config/mysql_ssl_herbertt/ca-cert.pem', 'capath' => null, 'cipher' => null ) -
Jonas April 16th, 2010 @ 03:42 PM
I've sent a pull request to cakephp and markstory at GitHub.
As soon as it's accepted I'm going to write a new page at http://book.cakephp.org/ regarding this new feature.Adding support for SSL secured connections to the DboMysqli datasource as of ticket #556.
http://cakephp.lighthouseapp.com/projects/42648/tickets/556-mysql-c... -
Mark Story April 17th, 2010 @ 11:03 AM
Well currently 1.3 is feature frozen, so it will probably wait until the next release.
-
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
Source available from github
Repository is at http://github.com/cakephp/cakephp
Creating a bug report
When creating a bug report, please include as much relevant information as possible. Please include code to reproduce the issue. Or even better, make a unit test. Either change an existing test or add a new test to show that the expected behavior is not occuring.
People watching this ticket
Attachments
Tags
Referenced by
-
#556 MySQL connectors doesn't support SSL
Adding support for SSL secured connections to the DboMysq...
-
#556 MySQL connectors doesn't support SSL
Adding support for SSL secured connections to the DboMysq...