App not connecting to MySQL database after installing certs

tkrishnamurthy · February 7, 2018, 3:20am

We are using node server for app and MySQL both running on the same CentOS system. We use HAProxy as reverse proxy server and also LetsEncrypt to enable https to access the WebServer.

Once LetsEncrypt was installed and haproxy config file updated to use the certs, the app is launching using https but is NOT connecting to the database (MySQL).

Question: are there any additional configuration required on the node or MySQL as part of implementing Lets Encrypt?

bytecamp · February 7, 2018, 9:01am

This is unrelated to Let’s Encrypt and certificate usage in general.

stevenzhu · February 7, 2018, 2:02pm

Hi,

It’s a connection issue between your php and mysql-server.

There should be no impact when you install any SSL certificate to your web server.

Thank you & Good Luck.

tkrishnamurthy · February 7, 2018, 2:34pm

I don’t think so or if it is, it is caused by Let’sencrypt. Reason being if I restore my haproxy.cfg to the previous version without the certificate entries, everything works fine.

Add those entries back and restart haproxy, it fails.

stevenzhu · February 7, 2018, 2:41pm

Do you use the same domain name for website and database?

It might cause some problem (However I’m not sure how haproxy works)

What i know is don’t use same domain name for website and database. (Exactly same)

bytecamp · February 7, 2018, 2:52pm

Could you please paste all these entries here?
There must be a mistake in that configuration.

tkrishnamurthy · February 7, 2018, 3:29pm

Not domain name but same server but the database has its own IP address and the web server has a different one.

Again this is working without the letsencrypt setup.

stevenzhu · February 7, 2018, 3:30pm

okay…

Then i have no idea. sry.

tkrishnamurthy · February 7, 2018, 3:47pm

frontend www-https
bind (public IP>:443 ssl crt /etc/haproxy/certs/mydomain.com.pem
reqadd X-Forwarded-Proto:\ https
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend letsencrypt-backend if letsencrypt-acl
default_backend www-backend

backend www-backend
mode http
redirect scheme https if !{ ssl_fc }
balance roundrobin
option httpclose
option forwardfor
server mydomain mydomain.com:8080 check

backend letsencrypt-backend
server letsencrypt 127.0.0.1:54321

bytecamp · February 8, 2018, 11:55am

Please show the output of the command:

netstat -lpn | grep mysql

tkrishnamurthy · February 8, 2018, 5:11pm

root@server.mydomain.com [2]# netstat -lpn | grep mysql
tcp 0 0 :::3306 :::* LISTEN 4232/mysqld
unix 2 [ ACC ] STREAM LISTENING 76968 4232/mysqld /var/lib/mysql/mysql.sock

system · March 10, 2018, 5:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Using let's encrypt with MariaDB Help	5	9975	January 27, 2017
Cannot connect to MariaDB through NodeJS Server	7	1764	June 3, 2017
Letsencrypt with Haproxy Help	13	3696	March 16, 2017
Configure MySQL with letsencrypt Help	2	6495	December 14, 2018
Do not use letsencrypt's certs on phpMyAdmin, use MariaDB certs instead Issuance Tech	7	3064	May 14, 2021

App not connecting to MySQL database after installing certs

Related topics