Hello to all,
I want to secure the access of my phpmyadmin.
So, I’ve created a Let’s Encrypt certificate for the URL access and also for my.ini and phpmyadmin.conf files.
I can connect to mysql in command-line with –ssl-mode=REQUIRED but I can’t with the web access.
I’ve got the error :
mysqli_real_connect(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
If I configure phpmyadmin to not verify the certificate, the access is OK but I’ve the SSL is used with disabled verification message.
My web server is a WAMPServer 3.1.3 x64 on a Windows 10 host computer.
I am using Apache 2.4.33, php 7.2.5, MySQL 5.7.22 and OpenSSL 1.1.0g
EDIT/SOLUTION: used letsencrypt certificate for web access and self-signed (OpenSSL) certificates for MySQL Require SSL (this is an internal use so the root ca has not to be on client computer).
Thanks to all.
Kind regards,
NivekLR
Hi,
Can you share us how do you set the SSL up in mysql (my.ini?)
Also, i believe it’s not suggested to use a public trusted CA to setup MySql server.
Thank you
The my.ini configuration:
I know that it’s preferred private CA but I’ve not one yet 
Kind regards,
The phpmyadmin configuration:
The last line is the “bad” thing I’ve done for connection to work
I’ve already tested chain certificate but still the same issue…
As i don’t really know the issue… can you check if all certificates are in RSA / Decoded mode ?
P.S. Tutorial about generate private CA & Intermediate here:
https://jamielinux.com/docs/openssl-certificate-authority/
P.S. This is not (possibly) a Let’s Encrypt Problem and it seems to be not related to LE (TLS Web)
How can I check if certificates are in RSA / Decoded mode ?
If that mean the files are readable the answer is yes. Those files are in this format :
—BEGIN RSA XXXX — AAAA — END RSA XXX ----
I’ve followed the setup of a Root and Intermediate CA and the connection works like a charm !
Thank you.
Kind regards,
