Request: Connection Example for TLS #103

Open
dickson-michael opened this issue Jan 5, 2021 · 4 comments
@dickson-michael
Contributor

I'm trying to debug an issue connecting to a vendor's database, and they recommended connecting with TLS.

Connection worked fine when run against my local Dockerized MySQL-8 container, but when I set the MySQL flag require_secure_transport it would disconnect (HY000 Connections using insecure transport are prohibited), as expected.

I modified the 2-simple-query.php file to read:

```php
$context = (new Socket\ConnectContext)->withTlsContext(new Socket\ClientTlsContext(DB_HOST));
$config = new Mysql\ConnectionConfig(DB_HOST, 3306, DB_USER, DB_PASS, DB_NAME, $context);
```

However, this results in a promptly closed connection.

Debug output (without TLS context):

```
81 bytes read (version, caching_sha2_password)
101 bytes written (user, database, caching_sha2_password)
6 bytes read
5 bytes written
456 bytes read (public key)
[etc]
```

Debug output (with TLS context):

```
81 bytes read (version, caching_sha2_password)
36 bytes written
[disconnect]
```

If you can include an example for how to connect to a server that requires secure transport, it would be helpful.
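
Added example, not part of the original issue and not the project's own code: MySQL negotiates TLS in-band, so the server greeting arrives in plaintext and the client answers with an SSLRequest packet (32-byte payload plus 4-byte header, the same 36 bytes as the write in the TLS trace above) before the TLS handshake starts on the same socket. The Python below parses a constructed greeting, builds that packet, and refuses to continue when the server does not advertise `CLIENT_SSL`; the sample greeting and all function names are assumptions for illustration.

```python
import struct

# Capability bits from the MySQL client/server protocol.
CLIENT_PROTOCOL_41 = 0x00000200
CLIENT_SSL = 0x00000800            # server supports / client requests TLS
CLIENT_SECURE_CONNECTION = 0x00008000
CLIENT_PLUGIN_AUTH = 0x00080000

def frame(payload: bytes, seq: int) -> bytes:
    """MySQL packet framing: 3-byte little-endian length + 1-byte sequence id."""
    return struct.pack("<I", len(payload))[:3] + bytes([seq]) + payload

def server_capabilities(packet: bytes) -> int:
    """Extract the 32-bit capability flags from a HandshakeV10 greeting."""
    body = packet[4:]
    if body[0] != 10:
        raise ValueError("not a protocol v10 greeting")
    pos = body.index(b"\x00", 1) + 1       # skip NUL-terminated server version
    pos += 4 + 8 + 1                       # thread id, auth data part 1, filler
    low, = struct.unpack_from("<H", body, pos)
    high, = struct.unpack_from("<H", body, pos + 5)  # past charset and status
    return low | (high << 16)

def ssl_request(server_caps: int, seq: int = 1) -> bytes:
    """Build SSLRequest; fail closed instead of falling back to plaintext."""
    if not server_caps & CLIENT_SSL:
        raise ConnectionError("server does not offer TLS; refusing plaintext login")
    caps = (CLIENT_PROTOCOL_41 | CLIENT_SECURE_CONNECTION
            | CLIENT_PLUGIN_AUTH | CLIENT_SSL)
    # capability flags, max packet size, charset id (45 = utf8mb4), 23 filler bytes
    payload = struct.pack("<IIB", caps, 1 << 24, 45) + bytes(23)
    return frame(payload, seq)

def sample_greeting(caps: int) -> bytes:
    """Constructed greeting (not captured traffic) advertising the given flags."""
    body = b"\x0a" + b"8.0.0-example\x00" + struct.pack("<I", 7) + b"A" * 8 + b"\x00"
    body += struct.pack("<HBH", caps & 0xFFFF, 45, 2)   # caps low, charset, status
    body += struct.pack("<HB", caps >> 16, 21)          # caps high, auth data length
    body += bytes(10) + b"B" * 12 + b"\x00" + b"caching_sha2_password\x00"
    return frame(body, 0)

if __name__ == "__main__":
    pkt = ssl_request(server_capabilities(sample_greeting(0xFFFFFFFF)))
    print(len(pkt), "bytes written: SSLRequest; the TLS handshake comes next")
```

After this packet the client wraps the existing socket in TLS and only then sends the full login packet (user, database, auth response) with the next sequence id.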

@trowski
Member

trowski commented Jan 5, 2021

Ping @bwoebi, possibly a bug here?

@bwoebi
Member

bwoebi commented Jan 6, 2021

Not sure whether we currently support TLS on initial connect at all (only upgrade to tls). Need to check and try myself.

@trowski
Member

trowski commented Feb 27, 2022

@dickson-michael Did you ever find a solution to this or did you move on to another approach?

I tried testing this myself but wasn't having luck even getting SSL to work on the test mysql server.

@bwoebi Do you have some time to look into this? Feel free to only apply fixes to v3 branch.

@dickson-michael
Contributor Author

@trowski I don't remember the details, but we ended up not requiring this so I never went further. In addition, our vendor upgraded our production environment a few months later which broke the library and I had to revert to a synchronous wrapper. I haven't had a chance to revisit the project since.
