Request ability to connect to MySQL using SSL
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	• bzimport
	Dec 2 2011, 8:24 PM

Description

Author: todd_taft

Description:
I'd like to be able to connect to a (remote) MySQL server using SSL connections between the web server and the MySQL server.

Version: unspecified
Severity: enhancement

Details

Reference: bz32774

Event Timeline

• bzimport raised the priority of this task from to Needs Triage.Nov 21 2014, 11:58 PM

• bzimport added a project: MediaWiki-libs-Rdbms.

• bzimport set Reference to bz32774.

• bzimport added a subscriber: Unknown Object (MLST).

• bzimport created this task.Dec 2 2011, 8:24 PM

Note that as a workaround, you may be able to add flags to the mysql_connect() calls in DatabaseMySql::open().

preilly wrote:

You can find the list of flags located at http://www.php.net/manual/en/mysql.constants.php#mysql.client-flags

todd_taft wrote:

Replacing

$this->mConn = mysql_pconnect( $realServer, $user, $password );

with

$this->mConn = mysql_pconnect( $realServer, $user, $password, MYSQL_CLIENT_SSL );

and

this->mConn = mysql_connect( $realServer, $user, $password, true );

with

this->mConn = mysql_connect( $realServer, $user, $password, true, MYSQL_CLIENT_SSL );

in includes/db/DatabaseMysql.php seems to work.

It would be nice to have the appropriate magic in the installer (and presumably a variable in LocalSettings.php) to enable this without requiring this minor source code change.

Certainly worth seeing if we can do the same for Postgres and Oracle at the same

https://gerrit.wikimedia.org/r/19933

Doesn't add installer magic, unfortunately, because I don't have much experience with that. Somebody else can add those options if necessary.

Request ability to connect to MySQL using SSLClosed, ResolvedPublicActions

Description

Details

Event Timeline

Request ability to connect to MySQL using SSL
Closed, ResolvedPublic
Actions