Setting up Azure MySQL with CodeIgniter by having SSL enforced

Introduction

In my previous post I talked about integrating Azure MySQL with a PHP webapp. Today we’ll elaborate on that one a bit further and see how we can setup CodeIgniter to use the Azure MySQL.

 

Prep the webapp

First thing, set all your database variables as app settings (read: environment variables) ;

That’s it as preparation 😉

 

CA Certificate

Save the .pem file under the /cert/ directory of your webapp ;

You can choose to save it somewhere else too, but adjust the config below accordingly then.

 

Database Configuration 

Let’s configure our database… Let’s browse to application/config/database.php ;

And set the following configuration ;

 

$db['default'] = array(
	'dsn'	=> '',
	'hostname' => getenv('BILLING_MYSQL_HOST'),
	'username' => getenv('BILLING_MYSQL_USER'),
	'password' => getenv('BILLING_MYSQL_PASS'),
	'database' => getenv('BILLING_MYSQL_DB'),
	'dbdriver' => 'mysqli',
	'dbprefix' => '',
	'pconnect' => FALSE,
	'db_debug' => TRUE,
	'cache_on' => FALSE,
	'cachedir' => '',
	'char_set' => 'utf8',
	'dbcollat' => 'utf8_general_ci',
	'swap_pre' => '',
	'encrypt' => array(
		'ssl_ca' => realpath('./cert/MyServerCACert.pem'),
		'ssl_verify' => FALSE
	),
	'compress' => FALSE,
	'stricton' => FALSE,
	'failover' => array(),
	'ssl_verify' => FALSE,
	'save_queries' => TRUE
);

Now let’s set the database on “autoload” ;


And let’s check our webapp… No issues!

Common Issue ; SSL Verify is set to true
If you don’t set this to false, then you’ll get an error that the “Peer certificate… did not match expected …”
This is an annoyance and a known issue. The product team is working on getting this one fixed!

Common Issue ; the SSL variables not set as an array underneath the $encrypt variable
If you forget this part, then you’ll get an “HY000/2001: SSL connection is required. Please specify SSL options and retry”

It seems CI (CodeIgniter) once switched its set of variables around a bit. Where the example config isn’t aligned with the latest documentation.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s