Configure Wordpress on Azure Cloud Service to connect to Azure MySQL over SSL

We run Wordpress in a sub folder of our main .NET solution on a cloud service. We have moved our MySQL from CloudDB to Azure MySQL, however it will only connect if we set the "Enforce SSL Connection" to disabled.

The Wordpress wp-config.php has the following:

    define('DB_SSL', true);

I presume the issue is we need to pass a certificate, but it is not clear to me how we can set this in Wordpress so it is passed when connecting over SSL.

Jezbers asked Dec 24 '17 10:12



3 Answers

Here is what I did:

  1. Obtain SSL certificate and save the certificate file to the root of my Wordpress project.

  2. Add the following into wp-config.php:

    define('DB_SSL', true);
    
  3. Add this to the function db_connect() in my wp-includes/wp-db.php. It must be called before mysqli_real_connect():

    // Just add this line
    mysqli_ssl_set($this->dbh, NULL, NULL, ABSPATH . 'BaltimoreCyberTrustRoot.crt.pem', NULL, NULL); 
    
    if ( WP_DEBUG ) {
        mysqli_real_connect( $this->dbh, $host, $this->dbuser, $this->dbpassword, null, $port, $socket, $client_flags );
    } else {
        @mysqli_real_connect( $this->dbh, $host, $this->dbuser, $this->dbpassword, null, $port, $socket, $client_flags );
    }
    

The solution seems a bit dirty but it works for me.

Aaron Chen answered Nov 01 '22 19:11


This will solve the issue by adding these lines to wp-config.php:

    define('MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL);
    define('MYSQL_SSL_CA', getenv('MYSQL_SSL_CA'));
    // MYSQL_CLIENT_FLAGS is already defined above; PHP keeps the first value and ignores this second define()
    define('MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT);

Anurag Tiwari answered Nov 01 '22 20:11


I found the solution to be much simpler when using an Azure MySQL database server in conjunction with a Wordpress container image. If you're using a VPS this may not apply.

  • Download the BaltimoreCyberTrustRoot.crt.pem referenced here: https://learn.microsoft.com/en-us/azure/mysql/howto-configure-ssl
  • Place the file in the root of your Wordpress install
  • Add these two variables in wp-config:

        define( 'MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL );
        define('MYSQL_SSL_CA_PATH','/');

esjay answered Nov 01 '22 20:11
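
A stand-alone check for the setup discussed in the answers above, added here as an example and not taken from any of the answers or from WordPress: it connects with the CA file set through `mysqli_ssl_set()`, leaves the server-certificate check on, and reports the negotiated TLS version and cipher. The function name `check_db_tls`, the script name and the environment variables `DB_HOST`, `DB_USER` and `DB_PASSWORD` are assumptions.

```php
<?php
// Added example (not WordPress code). Run from the CLI: php check-db-tls.php
// Assumed inputs: DB_HOST, DB_USER, DB_PASSWORD environment variables (hypothetical names).

/** Connect over TLS with the CA file set; return the session's TLS status or throw. */
function check_db_tls(string $host, string $user, string $pass, string $caFile): array
{
    if (!is_readable($caFile)) {
        throw new RuntimeException("CA file not readable: $caFile");
    }
    mysqli_report(MYSQLI_REPORT_OFF);   // report failures via return values, not exceptions

    $dbh = mysqli_init();
    // Same call as the wp-db.php change in the first answer: only the CA file is set.
    mysqli_ssl_set($dbh, null, null, $caFile, null, null);

    // MYSQLI_CLIENT_SSL requests TLS. MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT is
    // left out on purpose, so the server certificate is checked against $caFile.
    if (!mysqli_real_connect($dbh, $host, $user, $pass, null, 3306, null, MYSQLI_CLIENT_SSL)) {
        throw new RuntimeException('Connect failed: ' . mysqli_connect_error());
    }

    $res = mysqli_query($dbh, "SHOW SESSION STATUS WHERE Variable_name IN ('Ssl_version', 'Ssl_cipher')");
    if ($res === false) {
        throw new RuntimeException('Status query failed: ' . mysqli_error($dbh));
    }
    $status = [];
    while ($row = mysqli_fetch_row($res)) {
        $status[$row[0]] = $row[1];
    }
    mysqli_close($dbh);

    // An empty Ssl_cipher means the session is not encrypted.
    if (($status['Ssl_cipher'] ?? '') === '') {
        throw new RuntimeException('Connected, but the session is not using TLS');
    }
    return $status;
}

try {
    $caFile = __DIR__ . '/BaltimoreCyberTrustRoot.crt.pem';   // CA file named in the answers
    $status = check_db_tls((string) getenv('DB_HOST'), (string) getenv('DB_USER'),
                           (string) getenv('DB_PASSWORD'), $caFile);
    echo 'TLS OK: ' . ($status['Ssl_version'] ?? 'unknown') . ' / ' . $status['Ssl_cipher'] . "\n";
} catch (RuntimeException $e) {
    fwrite(STDERR, $e->getMessage() . "\n");
    exit(1);
}
```

Running it with "Enforce SSL Connection" enabled on the server separates a certificate or path problem from a WordPress configuration problem before wp-config.php or wp-db.php is touched.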