{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Summer. ? 凉城 的问题《What's the difference between MYSQLI_CLIENT_SS》','https://www.manongdao.com/q-851980.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
This is how I usually connect to a MySQL database using SSL:
$db = mysqli_init();
mysqli_ssl_set(
$db,
NULL,
NULL,
'/etc/ssl/my-certs/ssl-ca.crt.pem',
NULL,
NULL
);
mysqli_real_connect(
$db,
'db.example.com',
'john',
'123456',
NULL,
NULL,
NULL,
MYSQLI_CLIENT_SSL
);
From what I understand, the MYSQLI_CLIENT_SSL flag is necessary to make mysqli::real_connect connect to the server using SSL.
Today I stumbled upon the documentation for mysqli::options, and noticed that it accepts MYSQLI_OPT_SSL_VERIFY_SERVER_CERT as an option, but, alas, its description is blank. So, I wonder:
- When do I need to add
mysqli_options($db, MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);? - When do I need to use the
MYSQLI_CLIENT_SSLflag? - When will I need to set both of them?
MYSQLI_OPT_SSL_VERIFY_SERVER_CERT(true) used when you want to verify server certificate against well known authorities to ensure that this is connection to trusted host. Do not use it if you have self-signed certificate on server.MYSQLI_CLIENT_SSLmust be always used when you need to encrypt connection.When you have on mysql-server certificate provided by authorities and want encryption + MITM-attack protection use both
MYSQLI_OPT_SSL_VERIFY_SERVER_CERTandMYSQLI_CLIENT_SSL.