从 Web 服务器连接到远程 MySQL 数据库服务器时出错
[英]Error when connecting from a web server to a remote MySQL DB Server
问题描述
I have been struggling to connect from a Ubuntu version 16.04 web server (running on 1 AWS instance, with PHP 7.0.33 and Apache 2.7.18) communicating with a data base server using MySQL 8.0.19 running on another AWS instance (running Ubuntu version 16.04).
我一直在努力从 Ubuntu 16.04 版 Web 服务器(在 1 个 AWS 实例上运行,使用 PHP 7.0.33 和 Apache 2.7.18)与使用在另一个 AWS 实例上运行的 MySQL 8.0.19(运行 Ubuntu 16.04 版)。
I set up the data base server and configured it as follows:我设置了数据库服务器并将其配置如下:
I edit the file /etc/mysql/mysql.conf.d/mysqld.cnf我编辑文件 /etc/mysql/mysql.conf.d/mysqld.cnf
I add the following in the [mysqld] section [mysqld]我在 [mysqld] 部分 [mysqld] 中添加以下内容
require_secure_transport = on
I save the file and from the console issue:我保存文件并从控制台问题:
sudo mysql_ssl_rsa_setup --uid=mysql
I then restart mysql with:然后我重新启动mysql:
sudo systemctl restart mysql
I have created a data base and tables on this data base server.我在这个数据库服务器上创建了一个数据库和表。
I also created a remote user on this data base server as follows (IP address and user are fictitious):我还在这个数据库服务器上创建了一个远程用户,如下(IP地址和用户是虚构的):
CREATE USER 'Master'@'1.26.4.44' IDENTIFIED BY 'admin';
GRANT ALL PRIVILEGES ON sample_data_base.* TO ' Master'@'1.26.4.44';
FLUSH PRIVILEGES;
Exit
I successfully test the connectivity to this db server from the web server client instance:我成功地测试了从 web 服务器客户端实例到这个数据库服务器的连接:
mysql -u Master -p -h '1.26.4.44'
However when I use the following PHP code snippet from the web server client instance to open the connection to the data base server, I get an error (see below):但是,当我使用来自 Web 服务器客户端实例的以下 PHP 代码片段打开与数据库服务器的连接时,出现错误(见下文):
// set up for remote DB access
$dbhost = '1.26.4.44'; // Unlikely to require changing
$dbname = 'sample_data_base'; // Modify these...
$dbuser = 'Master'; // ...variables according
$dbpass = "admin"; // ...to your installation
$appname = "test_app"; // ...and preference
$dbconnection = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
if ( !$dbconnection)
{
echo "connection failed ";
die('Connect Error (' . mysqli_connect_errno() . ') '
. mysqli_connect_error());
}
The error is:错误是:
Connect Error (3159) Connections using insecure transport are prohibited while --require_secure_transport=ON
Just as an FYI, when I comment out the line on the data base server in the file /etc/mysql/mysql.conf.d/mysqld.cnf仅供参考,当我在文件 /etc/mysql/mysql.conf.d/mysqld.cnf 中注释掉数据库服务器上的行时
# require_secure_transport = on
There are no issues with the php code connection to the remote data base server. php 代码连接到远程数据库服务器没有问题。
What am I missing on the web server client side to let me connect to the remote db server from the php code?我在 Web 服务器客户端缺少什么让我从 php 代码连接到远程数据库服务器?
1 个解决方案
解决方案1
0 2020-02-18 19:56:54
You need extra configurations in your db setup:您需要在数据库设置中进行额外配置:
$db = mysqli_init();
mysqli_options ($db, MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
$db->ssl_set(
'/etc/mysql/ssl/client-key.pem',
'/etc/mysql/ssl/client-cert.pem',
'/etc/mysql/ssl/ca-cert.pem',
NULL,
NULL);
$link = mysqli_real_connect(
$db, 'ip', 'user', 'password', 'db', 3306, NULL, MYSQLI_CLIENT_SSL);
if (!$link)
{
die ('Connect error (' . mysqli_connect_errno() . '): ' . mysqli_connect_error() . "\n");
} else {
// your queries should be here
$db->close();
}
Hope this can help.希望这能有所帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.