PHP Mysql connection with SSL is not working PDO

Question

Mysql server is running php5.3. New webserver is running php7.1 (migrated from php5.3). When I try to connect Mysql server with ssl its not working.

try {
$dbh = new PDO($dsn, $user, $password, array(PDO::MYSQL_ATTR_SSL_KEY  => '/etc/mysql/client-key.pem',
                                             PDO::MYSQL_ATTR_SSL_CERT => '/etc/mysql/client-cert.pem',
                                             PDO::MYSQL_ATTR_SSL_CA   => '/etc/mysql/ca-cert.pem')
              );
    echo "Connestion established";
} catch (PDOException $e) {
    echo 'Connection failed: ' . $e->getMessage();
}

Connection failed: SQLSTATE[HY000] [2002]

PDO::__construct(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

But, When I remove SSL block from connection, its working fine. I don't know what's going on. May be version mismatch of server and client. Becasue I am using old public key and private key.

Is it because of mysql client and server version mismatch?

PS: I have upgraded php7 in webserver only.

Answer 1

So, after searching and reading I believe that the problem is due to the fact that SSL handling has been approved as of PHP 5.6 and peer verification is now on by default.

While the following is not about mysql but about fsock, I think this post answers your question: https://stackoverflow.com/a/32366242/2459026

You could either disable peer verification (which tends not to be a good idea) or fix your root certificates. I think it would be good to test by disabling peer verification to be sure that this is your problem, indeed.

(Please note that I added a second answer, alongside my previous answer. That wasn't the answer to your question, but might be relevant to others)