堆栈内存溢出
  简体   繁体   English

使用 PHP 通过 SSL 将 AWS EC2 实例连接到 RDS MySQL

[英]Connect AWS EC2 instance to RDS MySQL through SSL using PHP

 原文  2020-01-11 16:44:44       php/ amazon-web-services/ ssl/ mysqli/ amazon-ec2

问题描述

I am unable to make my AWS EC2 instance connect to my RDS MySQL DB through SSL.我无法让我的 AWS EC2 实例通过 SSL 连接到我的 RDS MySQL 数据库。

AWS EC2 Linux 2, Apache 2.4.39, PHP 7.3.10, MySQL 5.7.26. AWS EC2 Linux 2、Apache 2.4.39、PHP 7.3.10、MySQL 5.7.26。 In order for my application that resides in EC2 to have a secure connection in transit, it must utilize SSL/TLS.为了让驻留在 EC2 中的应用程序在传输过程中具有安全连接,它必须使用 SSL/TLS。 My understanding that given my PHP/MySQL application, I need to perform the code below.我的理解是,鉴于我的 PHP/MySQL 应用程序,我需要执行以下代码。 In order not to affect my DB, I have set up a test DB.为了不影响我的数据库,我设置了一个测试数据库。 The new user is called new-user with its own password.新用户被称为具有自己密码的新用户。 I got the bundled PEM file rds-combined-ca-bundle.pem from https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem and placed it in a browser accessible directory on the EC2 server as directed by that AWS page.我从https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem获得了捆绑的 PEM 文件 rds-combined-ca-bundle.pem 并将其放置在 EC2 上的浏览​​器可访问目录中由该 AWS 页面指示的服务器。

Any ideas why "Unable to set private key file `rds-combined-ca-bundle.pem' " in the output?任何想法为什么“无法在输出中设置私钥文件‘rds-combined-ca-bundle.pem’”?

**In AWS-test-ssl-script.php** ..

20 define ('MYSQLI', 'AWS-test-connect.php');

**In 'AWS-test-connect.php'** ..

12 $dbc=mysqli_init();
13 mysqli_ssl_set($dbc, NULL, "/dir/rds-combined-ca-bundle.pem", NULL, NULL, NULL);
14 mysqli_real_connect($dbc,"DB_server","new-user","password");

16 $res = mysqli_query($dbc, 'SHOW STATUS like "Ssl_cipher"');
17 print_r(mysqli_fetch_row($res));
18 mysqli_close($dbc);

**In AWS-test-ssl-script.php** ..

35 require(MYSQLI);

44 $sel = "CREATE USER IF NOT EXISTS 'new-user'@'%' IDENTIFIED BY 'password' REQUIRE SSL";
45 $sel_qry = mysqli_query($dbc, $sel);
46 mysqli_close($sel_qry);

48 $grant = "GRANT SELECT, INSERT, UPDATE, DELETE
49 ON testdb
50 TO new-user@%";
51 $grant_qry = mysqli_query($dbc, $grant);
52 mysqli_close($grant_qry);```

Output ..
Warning: mysqli_real_connect(): Unable to set private key file `rds-combined-ca-bundle.pem' in AWS-test-connect.php on line 14
Warning: mysqli_real_connect(): Cannot connect to MySQL by using SSL in AWS-test-connect.php on line 14
plus other warnings.

1 个解决方案

解决方案1
 1  2020-01-11 17:02:22

It's a PHP mysqli_real_connect() error reporting that the specified SSL key cannot be found.这是一个 PHP mysqli_real_connect() 错误报告无法找到指定的 SSL 密钥。

That key is referenced in this statement on line 13:在第 13 行的此语句中引用了该键:

 mysqli_ssl_set($dbc, NULL, "/dir/rds-combined-ca-bundle.pem", NULL, NULL, NULL);

That message suggests that key file does not exist, or has incorrect permissions.该消息表明密钥文件不存在,或权限不正确。 Can you confirm that file is accessible in that directory?您能确认该目录中的文件可以访问吗?

You could also turn off SSL if it's not crucial and see if that works.如果它不重要,您也可以关闭 SSL 并查看它是否有效。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法通过AWS EC2实例使用PHP连接到AWS MYSQL RDS实例 - Unable to connect to AWS MYSQL RDS instance using PHP via AWS EC2 Instance AWS EC2 RDS无法连接到mysql - AWS EC2 RDS cannot connect to mysql 使用PHP从EC2通过VPC连接到RDS实例 - Connecting to RDS instance through VPC from EC2 using PHP EC2使用PHP连接RDS - EC2 connect RDS using PHP 无法从 EC2 连接 AWS RDS (MYSQL) - Not able to connect AWS RDS (MYSQL) From EC2 PHP-无法在AWS EC2上连接到MySQL - PHP - Cannot connect to mysql on aws ec2 AWS EC2 突然无法连接 RDS? - AWS EC2 suddenly cannot connect to RDS? 通过基于密钥的身份验证通过PHP连接到EC2实例上的MySql - Connect through PHP to MySql on EC2 instance with key-based authentication 如何通过SSL通过SSL连接到Amazon MySQL RDS实例 - How to connect to an Amazon MySQL RDS instance via PHP over SSL 使用PHP在AWS EC2实例上运行网站Apache2 - Running a website Apache2 on AWS EC2 instance using PHP
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM