Eu recebo essas mensagens de erro ao efetuar login na instância do phpmyadmin
Error during session start; please check your PHP and/or webserver log file and configure your PHP installation properly. Also ensure that cookies are enabled in your browser.
mysqli_query(): SSL operation failed with code 1. OpenSSL Error messages: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length
mysqli_query(): MySQL server has gone away
mysqli_query(): Error reading result set's header
Eu tenho a configuração mysql certificada "auto-assinado" nos hosts e a partir do maching rodando o phpMyAdmin eu consigo conectar ao MySql remoto através do cliente mysql
expro_app@ubuntu-app:/etc/mysql$ mysql --ssl-ca=ca-cert.pem --ssl-cert=client-cert.pem --ssl-key=client-key.pem -h XX.XXX.X.103 -P 7306 -u admin_secure -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 45
Server version: 5.5.49-0ubuntu0.14.04.1 (Ubuntu)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status;
--------------
mysql Ver 14.14 Distrib 5.5.49, for debian-linux-gnu (x86_64) using readline 6.3
Connection id: 45
Current database:
Current user: admin_secure@ubuntu-app
SSL: Cipher in use is DHE-RSA-AES256-SHA
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.5.49-0ubuntu0.14.04.1 (Ubuntu)
Protocol version: 10
Connection: XX.XXX.X.103 via TCP/IP
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
TCP port: 7306
Uptime: 2 days 8 hours 7 min 31 sec
Threads: 1 Questions: 126 Slow queries: 0 Opens: 48 Flush tables: 1 Open tables: 41 Queries per second avg: 0.000
Aqui estão as configurações do phpMyAdmin
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'XX.XXX.X.103';
$cfg['Servers'][$i]['port'] = 'XXXX';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl']=true;
$cfg['Servers'][$i]['ssl_key'] = '/etc/mysql/client-key.pem';
$cfg['Servers'][$i]['ssl_cert'] = '/etc/mysql/client-cert.pem';
$cfg['Servers'][$i]['ssl_ca'] = '/etc/mysql/ca-cert.pem';
$cfg['Servers'][$i]['ssl_ciphers'] = 'DHE-RSA-AES256-SHA';
$cfg['Servers'][$i]['ssl_verify'] = false;
Estou definindo ssl_verify = false para evitar a verificação de ceritifcados auto-assinados, dado o pequeno hack em libraries/dbi/DBIMysqli.php
if ($cfg['Server']['ssl']) {
mysqli_ssl_set(
$link,
$cfg['Server']['ssl_key'],
$cfg['Server']['ssl_cert'],
$cfg['Server']['ssl_ca'],
$cfg['Server']['ssl_ca_path'],
$cfg['Server']['ssl_ciphers']
);
/*
* disables SSL certificate validation on mysqlnd for MySQL 5.6 or later
* @link https://bugs.php.net/bug.php?id=68344
* @link https://github.com/phpmyadmin/phpmyadmin/pull/11838
*/
if (! $cfg['Server']['ssl_verify']) {
mysqli_options(
$link,
MYSQLI_OPT_SSL_VERIFY_SERVER_CERT,
$cfg['Server']['ssl_verify']
);
$client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT;
}
}
Os logs de erro também não ajudam, nenhuma mensagem do OpenSSL. No servidor remoto, nada relacionado ao endereço IP da máquina phpMyAdmin na máquina do servidor MySql.
O que estou perdendo aqui?
Tags openssl phpmyadmin mysql5.5 php56