We just upgraded to php 5.6 from php 5.4, and everything was working fine with our MySQL connecting using MySQLi and SSL.
Our connection looks like:
mysqli_real_connect($db, $host, $username, $password, $database, $port, $socket, MYSQLI_CLIENT_SSL);
mysqli_set_charset($db, "utf8");
Howerver, now when we try and connect to MySQL over SSL using php 5.6 we are getting:
Warning: mysqli_real_connect(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /MySQLConnection.php on line 29
Warning: mysqli_real_connect(): Cannot connect to MySQL by using SSL in /MySQLConnection.php on line 29
Warning: mysqli_real_connect(): [2002] (trying to connect via tcp://mysql1.ourdomain.com:3306) in /MySQLConnection.php on line 29
Warning: mysqli_real_connect(): (HY000/2002): in /MySQLConnection.php on line 29
I tried setting:
mysqli_options($db, MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, false);
But that does not help.
UPDATE
I added:
$mysql_certs_path = "/full/path/to/certs/mysql";
mysqli_ssl_set($db, $mysql_certs_path . "/client-key.pem", $mysql_certs_path . "/client-cert.pem", $mysql_certs_path . "/ca-cert.pem", null, null);
And still getting:
Warning: mysqli_real_connect(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /MySQLConnection.php on line 31
Warning: mysqli_real_connect(): Cannot connect to MySQL by using SSL in /MySQLConnection.php on line 31
openssl x509 -in <file> -inform <PEM|DER> -text -noout
. Also, you need to supply the exact way you are connecting (hostname, IP address, etc). – Goodallopenssl s_client -connect <hostname>:<port> -tls1 -servername <hostname> | openssl x509 -text -noout
. Do so by adding it to your question by clicking Edit (and don't post it as a comment). Otherwise, there's not enough information to help troubleshoot it. – Goodall