Php MySQL SSL远程连接错误:无法获取私钥
我正在尝试编写一个PHP脚本(托管在带有GoDaddy的VPS上),该脚本使用SSL连接到远程MySQL数据库(托管在AmazonEC2实例上) 我生成了一些证书(根据),并在远程/服务器数据库上配置了my.cnf,如下所示:Php MySQL SSL远程连接错误:无法获取私钥,php,mysql,ssl,Php,Mysql,Ssl,我正在尝试编写一个PHP脚本(托管在带有GoDaddy的VPS上),该脚本使用SSL连接到远程MySQL数据库(托管在AmazonEC2实例上) 我生成了一些证书(根据),并在远程/服务器数据库上配置了my.cnf,如下所示: [mysqld] ssl-ca =/etc/mysql/ca-cert.pem ssl-cert =/etc/mysql/server-cert.pem ssl-key =/etc/mysql/server-key.pem [client] ss
[mysqld]
ssl-ca =/etc/mysql/ca-cert.pem
ssl-cert =/etc/mysql/server-cert.pem
ssl-key =/etc/mysql/server-key.pem
[client]
ssl-ca =/etc/mysql/ca-cert.pem
ssl-cert =/etc/mysql/client-cert.pem
ssl-key =/etc/mysql/client-key.pem
mysql -h hostIP --ssl-ca=ca-cert.pem --ssl-cert=client-cert.pem --ssl-key=client-key.pem –u ssluser –p
ERROR 2026 (HY000): SSL connection error: Unable to get private key
(HY000/2026): SSL connection error: Unable to get private key
<?php
$link = mysqli_init();
$key = '/home/userName/etc/mysql/certs/client-key.pem' ;
$cert = '/home/userName/etc/mysql/certs/client-cert.pem';
$ca = '/home/userName/etc/mysql/certs/ca-cert.pem';
$capath = NULL;
$cipher = NULL;
mysqli_ssl_set ( $link , $key , $cert , $ca , $capath , $cipher );
mysqli_real_connect ($link, $host, $user, $pass, $schema, 3306, NULL, MYSQLI_CLIENT_SSL);
?>
有没有我错过的一步?我做错了什么?已解决: 使用删除了client-key.pem密码短语
openssl rsa -in client-key.pem -out client-key2.pem
$key = '/home/userName/etc/mysql/certs/client-key2.pem' ;
[client]
ssl-key =/etc/mysql/client-key.pem
“openssl genrsa”以PKCS#1格式生成密钥:
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
查看链接了解详细信息在我的案例中,server-key.pem的所有者是root而不是mysql。对于我来说,密钥需要转换为完整的rsa格式,而不仅仅是更改头:
openssl rsa-in-client.key-out-client.key.rsa多亏了dba交换上的那个答案 将SSL CA文件传递到MySQL中的SSL密钥文件时,也会发生此错误
我认为第一个命令应该是带有破折号而不是下划线的输出
client-key2.pemopenssl rsa-in-client-key.pem-out-client-key.pem。截至2017年1月26日的openssl 1.0.2k,此命令需要密码,没有密码无法完成。
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----