Download the PHP package elliotsawyer/silverstripe-mysql-ssl without Composer

On this page you can find all versions of the php package elliotsawyer/silverstripe-mysql-ssl. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of elliotsawyer/silverstripe-mysql-ssl

Informations about the package silverstripe-mysql-ssl

MySQL SSL support for SilverStripe 4

Why does this exist?

Silverstripe 4 does not allow MySQL connections over SSL. The feature was removed during the early betas for unknown reasons and has not yet been restored. An issue has been raised but remains unfixed. This module adds that support back in.

Update: This module is no longer needed for Silverstripe 4.13 and Silverstripe 5, and the above issue has now been resolved. This module will remain online for historical needs, as the documention provides context for setup on Azure

Installation

composer require elliotsawyer/silverstripe-mysql-ssl

Configuration

Set the following variables in your .env

If the certificates and key are not defined, the database will connect without the SSL connection.

PDO will not work (see below) - you must use MySQLi. By default MySQLi will attempt verify your SSL certificate before connecting. You will need to disable this if you are using self-signed certificates.

Localhost vs 127.0.0.1 vs IP address

When your webserver and MySQL are on the same server, communication is done through socket connections and SSL is mostly irrelevant. MySQLi expects an IP address when using SSL, so use 127.0.0.1 in this case.

For connections over a network, you must use an IP address or database host as the hostname.

If you see an error this stream does not support SSL/crypto, this is the most likely cause.

More info: https://blog.machek.co.uk/2016/06/php-with-mysql-and-ssl.html

MySQLi vs PDO

When using PDO with SSL, PHP aborts with a "Trap 6" error. This is usually due to use of unverified certs, and may be related to non-existed hostnames in the CN attributes of the cert. A flag exists to override this behaviour but does not seem to work in some recent versions of PHP.

MySQLi has a similar issue, but its flag does work. As such, this module requires you to use MySQLiConnector instead of PDOConnector. In practice, this should not be an issue because Silverstripe's ORM will handle database abstraction.

Verifying the SSL connection

You can verify that the secure connection is working by running the following SQL command: DB::query("SHOW STATUS LIKE '%ssl_cipher'");. If you are connected via SSL, you will get an array with one result:

If you have the environmentcheck module installed, this is checked automatically and fails if an unsecured connection is used.

Microsoft Azure for MySQL users

This module can be used to connect with Azure over a secure SSL connection. For security reasons, Azure enforces an SSL connection by default and strongly discourages you from turning it off.

  1. Before you begin: make sure your firewall settings are not blocking the connection from occurring. These rules can be configured in Azure
  2. First, you must obtain a particular CA cert per the Azure documentation: https://www.digicert.com/CACerts/BaltimoreCyberTrustRoot.crt.pem
  3. Save this certificate to a location accessible to your webserver, such as /path/to/your/website/.well-known/BaltimoreCyberTrustRoot.crt.pem
  4. Add the following information to your .env file or environment variables

The module will convert the exact string "NULL" to a PHP null value for these specific database variables. Alternatively, instead of SS_DATABASE_SSL_CIPHER, you may define the following to a config.yml file:

The default cipher used by the MySQLiConnector class will not work with Azure. If you see an error Abort trap: 6, this is the most likely reason.

  1. You're almost there! If you attempt to run a /dev/build now, you may see a message "Unknown database ''". The good news is that Silverstripe has connected to your database over SSL. The other (bad?) news is that your database user provided to you by Azure may not have permissions to create a database, so you will be unable to create your specified database automatically. If this happens, you will need to log into Azure through some other means, such as the MySQL client, Sequel Pro, or MySQL Workbench to create the database manually:

  2. Run /dev/build again. If all goes well you should see CREATING DATABASE TABLES running slowly but successfully.

Contributing

Contributions are more than welcome! Please raise some issues or create pull requests on the Github repo.

Acknowledgments

Thanks to maxime-rainville and obj63mc for the original sample code that this module was built from.

Support

Need some extra help or just love my work? Consider shouting me a coffee or a small donation if this module helped you solve a problem. I accept cryptocurrency at the following addresses:

All versions of silverstripe-mysql-ssl with dependencies

PHP Build Version
Package Version
Requires silverstripe/framework Version ^4
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package elliotsawyer/silverstripe-mysql-ssl contains the following files

Loading the files please wait ....