Classic Graphics has a patch to add more helpful information to default.settings.php regarding connecting to MySQL by SSL.

CommentFileSizeAuthor
#11 guardr-settings-for-mysql-pdo-tls-1824946-11.patch2.7 KBdeekayen
#5 D7-ssl3.patch2.83 KBshrop
#2 D7-ssl2.patch3.87 KBshrop
#1 D7-ssl.patch4.55 KBdeekayen
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

deekayen’s picture

deekayen CreditAttribution: deekayen commented
FileSize
D7-ssl.patch4.55 KB

Here's John Smith's patch.

shrop’s picture

shrop CreditAttribution: shrop commented
FileSize
D7-ssl2.patch3.87 KB

Patch without the "CG edit" comments. The original patch did work.

shrop’s picture

shrop CreditAttribution: shrop commented
Status: Active » Fixed

Drush make builds work after applying the D7-ssl2.patch. Drupal install works okay from my testing. Closing this one for now as fixed.

deekayen’s picture

deekayen CreditAttribution: deekayen commented
Status: Fixed » Needs work

It's an old patch. I think the pdo attributes were added in #1309278: Make PDO connection options configurable already for core. Just the settings.php stuff is what we'd want I think.

http://drupalcode.org/project/drupal.git/commitdiff/2f6d917af5b7367e2956...

shrop’s picture

shrop CreditAttribution: shrop commented
FileSize
D7-ssl3.patch2.83 KB

Attached is a new patch which only updates default.settings.php. Please confirm if this looks ok.

shrop’s picture

shrop CreditAttribution: shrop commented
Status: Needs work » Reviewed & tested by the community

Our sysadmin who worked on mysql over ssl for Drupal confirms that this patch looks right for D7. I will leave open for a bit to see if anyone has any issues with this or comments. Please test.

shrop’s picture

shrop CreditAttribution: shrop commented

Pushed updated patch to stub file. http://drupalcode.org/project/guardr.git/blobdiff/ab2a5c46d6f4d7f47a3095...

deekayen’s picture

deekayen CreditAttribution: deekayen commented

Looks fine to me.

shrop’s picture

shrop CreditAttribution: shrop commented
Status: Reviewed & tested by the community » Closed (fixed)

Added an [additional comment in the stub file](http://drupalcode.org/project/guardr.git/commitdiff/e51a75b2709c32fbf4fe...) to point back to this issue. Marking fixed. Thanks!

deekayen’s picture

deekayen CreditAttribution: deekayen commented
Issue summary: View changes
Status: Closed (fixed) » Needs work

I noticed our servers at CG seem to have a different config then what the patch is documenting as a recommendation

Patch:

  'driver options' => array(
    MYSQL_ATTR_SSL_KEY => '/etc/ssl/mysql/key.pem',
    MYSQL_ATTR_SSL_CERT => '/etc/ssl/mysql/cert.pem',
    MYSQL_ATTR_SSL_CA => '/etc/ssl/mysql/ca-cert.pem',
  ),

actual at CG

  'pdo' => array (
     PDO::MYSQL_ATTR_SSL_CA => '/etc/ssl/mariadb/ca.crt',
     PDO::MYSQL_ATTR_SSL_CERT => '/etc/ssl/mariadb/subdomain.example.com.crt',
     PDO::MYSQL_ATTR_SSL_KEY => '/etc/ssl/mariadb/subdomain.example.com.key',
     PDO::MYSQL_ATTR_COMPRESS => true,
  ),
deekayen’s picture

deekayen CreditAttribution: deekayen commented
FileSize
guardr-settings-for-mysql-pdo-tls-1824946-11.patch2.7 KB

  • deekayen committed 3d63a13 on 7.x-1.x 
    Issue #1824946 by shrop, deekayen: Patch settings.php for MySQL SSL...
deekayen’s picture

deekayen CreditAttribution: deekayen commented
Status: Needs work » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.