Multi-server Phpmyadmin Server connection: SSL is not being used

Discussion in 'ISPConfig 3 Priority Support' started by Stelios, Dec 12, 2020.

  1. Stelios

    Stelios Member HowtoForge Supporter

    Hi all,
    I've got PHPMyAdmin running on the master server which holds just the controlpanel and the apps that clients need like PHPMyAdmin,net2ftp, etc.
    I can log in to all DB servers (3 total) but Phpmyadmin shows:
    Server connection: SSL is not being used

    There is a help link next to it which mention the following:
    Code:
    Using SSL for connection to database server
    It is recommended to use SSL when connecting to remote database server. There are several configuration options involved in the SSL setup:
    
    $cfg['Servers'][$i]['ssl']
    Defines whether to use SSL at all. If you enable only this, the connection will be encrypted, but there is not authentication of the connection - you can not verify that you are talking to the right server.
    $cfg['Servers'][$i]['ssl_key'] and $cfg['Servers'][$i]['ssl_cert']
    This is used for authentication of client to the server.
    $cfg['Servers'][$i]['ssl_ca'] and $cfg['Servers'][$i]['ssl_ca_path']
    The certificate authorities you trust for server certificates. This is used to ensure that you are talking to a trusted server.
    $cfg['Servers'][$i]['ssl_verify']
    This configuration disables server certificate verification. Use with caution.
    I've tried to add the:
    $cfg['Servers'][$i]['ssl']
    to the /etc/phpmyadmin/config.inc.php at the bottom but nothing is happening. Same problem.

    I then added the same under /etc/phpmyadmin/conf.d/config.manyhosts.inc.php and can't login:

    Code:
    mysqli_real_connect(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
     mysqli_real_connect(): Cannot connect to MySQL by using SSL
     mysqli_real_connect(): [2002] (trying to connect via (null))
     mysqli_real_connect(): (HY000/2002):
     Connection for controluser as defined in your configuration failed.
    This is the content of the file:
    Code:
    <?php
    
    $i=0;
    $hosts = array (
        "localhost", // controlpanel
        "10.0.0.6", // db1
        "10.0.0.7", // db2
        "10.0.0.14" // db3
        //"baz.example.com",
        //"quux.example.com",
    );
    
    foreach ($hosts as $host) {
        $i++;
        $cfg['Servers'][$i]['host']     = $host;
        $cfg['Servers'][$i]['port']     = '';
        $cfg['Servers'][$i]['socket']   = '';
        $cfg['Servers'][$i]['connect_type']     = 'tcp';
        $cfg['Servers'][$i]['extension']        = 'mysql';
        $cfg['Servers'][$i]['compress'] = FALSE;
        // SSLsection
        $cfg['Servers'][$i]['ssl'] = true;
        $cfg['Servers'][$i]['ssl_verify'] = false;
        $cfg['Servers'][$i]['controluser']      = 'pma';
        $cfg['Servers'][$i]['controlpass']      = 'mypass';
        $cfg['Servers'][$i]['auth_type']        = 'cookie';
        $cfg['Servers'][$i]['user']     = '';
        $cfg['Servers'][$i]['password'] = '';
        $cfg['Servers'][$i]['only_db']  = '';
        $cfg['Servers'][$i]['verbose']  = '';
        $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
        $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
        $cfg['Servers'][$i]['relation'] = 'pma__relation';
        $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
        $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
        $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
        $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
        $cfg['Servers'][$i]['history'] = 'pma__history';
        $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
        $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
        $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
        $cfg['Servers'][$i]['recent'] = 'pma__recent';
        $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
        $cfg['Servers'][$i]['users'] = 'pma__users';
        $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
        $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
        $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
        $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
        $cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
        $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
    }
    
    If I take out the ssl part (see below) from the above it works fine again but without SSL of course.
    Code:
        $cfg['Servers'][$i]['ssl'] = true;
        $cfg['Servers'][$i]['ssl_verify'] = false;
    I've also tried adding:
    $cfg['ForceSSL'] = true;
    which doesn't throw any error but the warning of not been used SSL is still there.

    Any help is very much appreciated.
     
    Last edited: Dec 12, 2020
  2. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Did you setup ssl in mysqld on your mysql servers?
     
    ahrasis likes this.
  3. Stelios

    Stelios Member HowtoForge Supporter

    Thanks Jesse, on the one I was doing the test it wasn't setup properly in MySQL, it has been fixed.
     

Share This Page