I get these error messages when logging in to phpmyadmin instance
Error during session start; please check your PHP and/or webserver log file and configure your PHP installation properly. Also ensure that cookies are enabled in your browser.
mysqli_query(): SSL operation failed with code 1. OpenSSL Error messages: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length
mysqli_query(): MySQL server has gone away
mysqli_query(): Error reading result set's header
I have setup mysql certificated "self signed" on the hosts and from the maching running phpMyAdmin I can connect to remote MySql through the mysql client
expro_app@ubuntu-app:/etc/mysql$ mysql --ssl-ca=ca-cert.pem --ssl-cert=client-cert.pem --ssl-key=client-key.pem -h XX.XXX.X.103 -P 7306 -u admin_secure -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 45
Server version: 5.5.49-0ubuntu0.14.04.1 (Ubuntu)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status;
--------------
mysql Ver 14.14 Distrib 5.5.49, for debian-linux-gnu (x86_64) using readline 6.3
Connection id: 45
Current database:
Current user: admin_secure@ubuntu-app
SSL: Cipher in use is DHE-RSA-AES256-SHA
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.5.49-0ubuntu0.14.04.1 (Ubuntu)
Protocol version: 10
Connection: XX.XXX.X.103 via TCP/IP
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
TCP port: 7306
Uptime: 2 days 8 hours 7 min 31 sec
Threads: 1 Questions: 126 Slow queries: 0 Opens: 48 Flush tables: 1 Open tables: 41 Queries per second avg: 0.000
Here's the phpMyAdmin settings
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'XX.XXX.X.103';
$cfg['Servers'][$i]['port'] = 'XXXX';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl']=true;
$cfg['Servers'][$i]['ssl_key'] = '/etc/mysql/client-key.pem';
$cfg['Servers'][$i]['ssl_cert'] = '/etc/mysql/client-cert.pem';
$cfg['Servers'][$i]['ssl_ca'] = '/etc/mysql/ca-cert.pem';
$cfg['Servers'][$i]['ssl_ciphers'] = 'DHE-RSA-AES256-SHA';
$cfg['Servers'][$i]['ssl_verify'] = false;
I am setting ssl_verify = false to avoid checking self-signed ceritifcates, given the little hack in libraries/dbi/DBIMysqli.php
if ($cfg['Server']['ssl']) {
mysqli_ssl_set(
$link,
$cfg['Server']['ssl_key'],
$cfg['Server']['ssl_cert'],
$cfg['Server']['ssl_ca'],
$cfg['Server']['ssl_ca_path'],
$cfg['Server']['ssl_ciphers']
);
/*
* disables SSL certificate validation on mysqlnd for MySQL 5.6 or later
* @link https://bugs.php.net/bug.php?id=68344
* @link https://github.com/phpmyadmin/phpmyadmin/pull/11838
*/
if (! $cfg['Server']['ssl_verify']) {
mysqli_options(
$link,
MYSQLI_OPT_SSL_VERIFY_SERVER_CERT,
$cfg['Server']['ssl_verify']
);
$client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT;
}
}
The error logs dont really help either, no OpenSSL messages there. On the remote server, nothing related to the phpMyAdmin machine's IP address on the MySql server machine either.
What am I missing here?
0 Answers