我有两台安装了 Ubuntu 16.04.1 LTS 的服务器,其中一台上我安装并配置了 mysql-server 以允许使用客户端证书进行身份验证。
在另一台服务器上,我按照说明安装了 apache2 和 PHP 7https://www.howtoforge.com/tutorial/install-apache-with-php-and-mysql-on-ubuntu-16-04-lamp/。
我能够通过 CLI 连接到数据库:
$ mysql -u my_user --ssl-ca=ca-cert.pem --ssl-cert=client-cert.pem --ssl-key=client-key.pem -h db_host my_db
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.16-0ubuntu0.16.04.1-log (Ubuntu)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
/var/www/html 包含以下文件:
$ ls -la /var/www/html/
total 44
drwxr-xr-x 2 root root 4096 Nov 20 07:27 .
drwxr-xr-x 3 root root 4096 Nov 20 06:35 ..
-rw-r--r-- 1 root root 1931 Nov 20 06:36 ca-cert.pem
-rw-r--r-- 1 root root 1931 Nov 20 06:36 ca.pem
-rw-r--r-- 1 root root 1809 Nov 20 06:36 client-cert.pem
-rw-r--r-- 1 root root 3243 Nov 20 06:36 client-key.pem
-rw-r--r-- 1 root root 11321 Nov 20 06:35 index.html
-rw-r--r-- 1 root root 1368 Nov 20 07:27 index.php
index.php内容如下:
$ cat index.php
<?php
ini_set ('error_reporting', E_ALL);
ini_set ('display_errors', '1');
error_reporting (E_ALL|E_STRICT);
$key = "client-key.pem";
$cert = "client-cert.pem";
$ca = "ca-cert.pem";
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = mysqli_init();
if ( $mysqli )
{
$mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, false);
$mysqli->ssl_set($key, $cert, $ca, NULL, NULL);
if (! $mysqli->real_connect('db_host','my_user', '', 'my_db', 3306, NULL, MYSQLI_CLIENT_SSL))
{
if ($mysqli->connect_errno)
{
echo "Sorry, this website is experiencing problems.";
echo "Error: Failed to make a MySQL connection, here is why: \n";
echo "Errno: " . $mysqli->connect_errno . "\n";
echo "Error: " . $mysqli->connect_error . "\n";
}
}
}
?>
当我使用浏览器访问index.php时,出现以下错误:
Warning: mysqli::real_connect(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number in /var/www/html/index.php on line 17
Warning: mysqli::real_connect(): Cannot connect to MySQL by using SSL in /var/www/html/index.php on line 17
Warning: mysqli::real_connect(): [2002] (trying to connect via tcp://db_host:3306) in /var/www/html/index.php on line 17
Fatal error: Uncaught mysqli_sql_exception in /var/www/html/index.php:17 Stack trace: #0 /var/www/html/index.php(17): mysqli->real_connect('db_host', 'my_user', '', 'my_db', 3306, '', 2048) #1 {main} thrown in /var/www/html/index.php on line 17
有谁知道为什么我无法通过 PHP 的 MySQLi 连接而 CLI 连接工作正常?
非常感谢任何解决此问题的指示。
多谢