php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #72878 PDO SSL connection
Submitted: 2016-08-18 07:19 UTC Modified: -
From: mblkblta at gmail dot com Assigned:
Status: Open Package: PDO MySQL
PHP Version: 7.0.9 OS: Windows 10
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2016-08-18 07:19 UTC] mblkblta at gmail dot com
Description:
------------
Peer certificate CN='SomeName' did not match expected CN='someIP' - the main error.
We have a verify_peer_name setting by SSL connection that exists in mysqli, smtp, openssl settings, but not in PDO. We have a link with investigation about this question http://stackoverflow.com/questions/36493062/php-mysql-over-ssl-peer-certificate-did-not-match, but it can't help for PDO. All settings which could be is in test script.
I'm not a professional, but I didn't find any decision after 3 days searching... Ask for directing me to right way or fix it and add setting like PDO::MYSQL_VERIFY_PEER_NAME.

Test script:
---------------
$dbInfo = array
(
    'dsn'  => 'mysql:host=123.45.67.890;dbname=someDB;port=3306',
    'user' => 'user',
    'pass' => 'userpassword'
);

$con = new PDO
        (
        $dbInfo['dsn'], $dbInfo['user'], $dbInfo['pass'], 
            [
                PDO::MYSQL_ATTR_SSL_CIPHER => 'AES256-SHA',
                PDO::MYSQL_ATTR_SSL_CA   => 'ca-cert.pem',
                PDO::MYSQL_ATTR_SSL_KEY  => 'client-key.pem',
                PDO::MYSQL_ATTR_SSL_CERT => 'client-cert.pem',
            ]
        );


Patches

SSL-PDO-connection-older-5.6 (last revision 2016-08-18 07:29 UTC by mblkblta at gmail dot com)

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Tue Sep 17 13:01:36 2019 UTC