Menu
We run Wordpress in a sub folder of our main .NET solution on a cloud service. We have moved our MySQL from CloudDB to Azure MySQL, however it will only connect if we set the "Enforce SSL Connection" to disabled.
The Wordpress wp-config.php has the following
define('DB_SSL', true);
I presume the issue is we need to pass a certificate, but it is not clear to me how we can set this in Wordpress so it is passed when connecting over SSL.
630
Choosing the "Allow access to Azure services" option will allow the app service to connect to the MySQL server. On the MySQL server blade, under the Settings heading, click Connection Security to open the Connection Security blade for Azure Database for MySQL. Select ON in Allow access to Azure services, then Save.
Enable SSL Connections on MySQL Now, connect to the MySQL shell and check the status with the following command: mysql -u root -p --ssl-mode=required mysql> SHOW VARIABLES LIKE '%ssl%'; You should see that both have_openssl and have_ssl variables are now enabled.
11: MySQL client programs support an --ssl-mode option that enables you to specify the security state of the connection to the server. The --ssl-mode option comprises the capabilities of the client-side --ssl and --ssl-verify-server-cert options.
Here is what I did:
Obtain SSL certificate and save the certificate file to the root of my Wordpress project.
Add the following into wp-config.php:
define('DB_SSL', true);
Add this to the function db_connect() in my wp-includes/wp-db.php. It must be called before mysqli_real_connect():
// Just add this line
mysqli_ssl_set($this->dbh, NULL, NULL, ABSPATH . 'BaltimoreCyberTrustRoot.crt.pem', NULL, NULL);
if ( WP_DEBUG ) {
mysqli_real_connect( $this->dbh, $host, $this->dbuser, $this->dbpassword, null, $port, $socket, $client_flags );
} else {
@mysqli_real_connect( $this->dbh, $host, $this->dbuser, $this->dbpassword, null, $port, $socket, $client_flags );
}
The solution seems a bit dirty but it works for me.
56
This will solve the issue by adding these lines to wp_config.php
define(‘MYSQL_CLIENT_FLAGS’, MYSQLI_CLIENT_SSL);
define(‘MYSQL_SSL_CA’, getenv(‘MYSQL_SSL_CA’));
define(‘MYSQL_CLIENT_FLAGS’, MYSQLI_CLIENT_SSL | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT );
I found the solution to be much simpler when using an Azure mySQL database server in conjunction with a Wordpress container image. If you're using a VPS this may not apply.
define( 'MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL );define('MYSQL_SSL_CA_PATH','/');
2
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
