I recently installed MantisBT version 1.3.0 on a web server running Apache 2.4 and PHP 5.6.24. Our MariaDB database 10.1.24 where the MantisBT issues are stored is located in another data center. Because of that we prefer SSL encryption for all communications between the web server and the database server.
All our web applications are able to connect to the database server when SSL is enforced on the SQL user account, but MantisBT doesn't seem to have an option to enable SSL on the client side with either a MYSQLI_CLIENT_SSL or MYSQL_CLIENT_SSL flag somewhere in the configuration file.
Are there any workarounds to get this working? Moving the database to the webserver is no option, as the database is running on a high availability cluster and I don't want to compromise data redundancy just because a web application doesn't seem to handle security properly.
Cannot connect with database over SSL
Moderators: Developer, Contributor
Re: Cannot connect with database over SSL
I never tried myself, maybe the follwoing approach works
Run the Mantis installaion process without using SSL
after that use the following setting
Set it to something like
This might do the trick, at least according
http://stackoverflow.com/questions/1510 ... with-adodb
Run the Mantis installaion process without using SSL
after that use the following setting
Code: Select all
**
* adodb Data Source Name
* This is an EXPERIMENTAL field.
* If the above database settings, do not provide enough flexibility, it is
* possible to specify a dsn for the database connection. For further details,
* currently, you need to see the adodb manual at
* http://phplens.com/adodb/code.initialization.html#dsnsupport. For example,
* if db_type is odbc_mssql. The following is an example dsn:
* "Driver={SQL Server Native Client 10.0};SERVER=.\sqlexpress;DATABASE=bugtracker;UID=mantis;PWD=password;"
* NOTE: the installer does not yet fully support the use of dsn's
*/
$g_dsn = '';
Code: Select all
$g_dsn = 'mysqli://ssluser:sslpass@dbhost/test?clientflags=2048';
http://stackoverflow.com/questions/1510 ... with-adodb
Re: Cannot connect with database over SSL
Thanks for the response. I will try to modify the code and report back the results here.
Re: Cannot connect with database over SSL
To be sure that we don't talk about different things.
You should not modify any existing code of Mantis, but just add this line to file config_inc.php and adjust it to your need.
You should not modify any existing code of Mantis, but just add this line to file config_inc.php and adjust it to your need.
Code: Select all
$g_dsn = 'mysqli://ssluser:sslpass@dbhost/test?clientflags=2048';
Re: Cannot connect with database over SSL
I did some tests and have the connection working now with the following line added to the config_inc.php file:
Obviously this line must be added after the variables for the database connection in the config fille.
Code: Select all
$g_dsn = "mysqli://$g_db_username:$g_db_password@$g_hostname/$g_database_name?clientflags=" . MYSQLI_CLIENT_SSL;
Re: Cannot connect with database over SSL
If you add the SSL requirement to the MySQL user, e.g.:
and you add the following line to the config_inc.php file:
Mantis keeps working correctly.
But the admin/install.php script doesn't work correctly anymore: it fails to connect to the db, effectively preventing the installation or the upgrade of Mantis if the db connection requires SSL.
Does anyone know how to fix that?
Thanks.
Code: Select all
ALTER USER mantis REQUIRE SSL;
Code: Select all
$g_dsn = "mysqli://$g_db_username:$g_db_password@$g_hostname/$g_database_name?clientflags=" . MYSQLI_CLIENT_SSL;
But the admin/install.php script doesn't work correctly anymore: it fails to connect to the db, effectively preventing the installation or the upgrade of Mantis if the db connection requires SSL.
Does anyone know how to fix that?
Thanks.