|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80001 SSL connection error is not reported via mysqli::$connect_error
Submitted: 2020-08-20 06:01 UTC Modified: 2021-06-02 15:22 UTC
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: morozov at tut dot by Assigned:
Status: Open Package: MySQLi related
PHP Version: 7.4.9 OS: Linux
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2020-08-20 06:01 UTC] morozov at tut dot by
According to the documentation, mysqli::$connect_error returns the last error message string from the last call to mysqli_connect(). NULL is returned if no error occurred.

However, if the underlying connection error is related to SSL, mysqli::$connect_error remains NULL which is incorrect.

The reproduction script tries to connect to a MySQL server running in a container and relies on the fact that the CN in the autogenerated server certificate doesn't match its hostname.

The same problem is reproducible with literally any SSL error.

Test script:

$conn = mysqli_init();

$conn->ssl_set('client-key.pem', 'client-cert.pem', 'ca.pem', '', '');

if (!$conn->real_connect('', 'root', '', 'mysql')) {

Expected result:
$conn->connect_error contains a string with an error message.

Actual result:
Warning: mysqli::real_connect(): Peer certificate CN=`MySQL_Server_8.0.18_Auto_Generated_Server_Certificate' did not match expected CN=`' in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): Cannot connect to MySQL by using SSL in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): [2002]  (trying to connect via (null)) in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): (HY000/2002):  in /home/morozov/mysqi-tls.php on line 7


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2021-06-02 10:51 UTC]
-Status: Open +Status: Feedback -Assigned To: +Assigned To: cmb
 [2021-06-02 10:51 UTC]
Would that error be reported by openssl_error_string()?
 [2021-06-02 15:06 UTC] morozov at tut dot by
-Status: Feedback +Status: Assigned
 [2021-06-02 15:06 UTC] morozov at tut dot by
No, it returns false.
 [2021-06-02 15:22 UTC]
-Status: Assigned +Status: Open -Assigned To: cmb +Assigned To:
 [2021-06-02 15:22 UTC]
Thanks for the swift reply!  That would be a bug.
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Wed Jul 06 11:05:44 2022 UTC