I have the working cacti installation and want to migrate the database to the remote MySQL server (cluster). The new MySQL server requires TLSv1.3 and cipher TLS_AES_256_GCM_SHA384. Here is my server configuration and the error message from the web browser:
The error message:OS: AlmaLinux 9.1 x86_64
PHP 8.1.13 (cli) (built: Nov 30 2022 04:26:44) (NTS)
PHP modules: bcmath Core ctype curl date dom exif fileinfo filter gd gettext gmp hash iconv imap intl json libxml mbstring mcrypt mysqli mysqlnd openssl pcntl pcre PDO pdo_mysql pdo_sqlite Phar posix readline Reflection session SimpleXML snmp soap sockets sodium SPL sqlite3 standard tokenizer xml xmlreader xmlwriter zip zlib
Database: MariaDB 10.6 Galera cluster
Cacti version: 1.2.22
Cacti database configuration:
$database_type = 'mysql';
$database_default = 'cactidb';
$database_hostname = '10.1.1.1';
$database_username = 'cacti';
$database_password = 'cactipassword';
$database_port = '4006';
$database_retries = 5;
$database_ssl = true;
$database_ssl_key = '/home/cacti/certs/client.key';
$database_ssl_cert = '/home/cacti/certs/client.crt';
$database_ssl_ca = '/home/cacti/certs/server_ca.crt';
I have tried to test the MySQL connection using the PHP script, and it's working fine. Please see below:FATAL: Connection to Cacti database failed. Please ensure:
The PHP MySQL module is installed and enabled.
The database is running.
The credentials in config.php are valid.
Code: Select all
<?php
ini_set('error_reporting', E_ALL);
ini_set('display_errors', '1');
error_reporting(E_ALL|E_STRICT);
$options = array(
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
PDO::MYSQL_ATTR_SSL_KEY => 'certs/client.key',
PDO::MYSQL_ATTR_SSL_KEY => 'certs/client.crt',
PDO::MYSQL_ATTR_SSL_CA => 'certs/server_ca.crt',
PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
);
try {
$conn = new PDO("mysql:host=10.1.1.1;port=4006;dbname=cactidb", 'cacti', 'cactipassword', $options);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "\nConnected successfully \n\n";
var_dump($conn->query("SHOW STATUS LIKE 'Ssl_cipher';")->fetchAll());
var_dump($conn->query("SHOW SESSION STATUS LIKE 'Ssl_version';")->fetchAll());
$conn = null;
}
catch(PDOException $e)
{
echo "Connection failed: " . $e->getMessage();
}
?>I am also using spine, and it seems to work fine. Please see below:$ php testdb.php
Connected successfully
array(1) {
[0]=>
array(4) {
["Variable_name"]=>
string(10) "Ssl_cipher"
[0]=>
string(10) "Ssl_cipher"
["Value"]=>
string(22) "TLS_AES_256_GCM_SHA384"
[1]=>
string(22) "TLS_AES_256_GCM_SHA384"
}
}
array(1) {
[0]=>
array(4) {
["Variable_name"]=>
string(11) "Ssl_version"
[0]=>
string(11) "Ssl_version"
["Value"]=>
string(7) "TLSv1.3"
[1]=>
string(7) "TLSv1.3"
}
}
I can't find any other related log files. Please help me to debug my cacti installation and at least give some clues so I can continue to work with this.$ /opt/spine/bin/spine -C /opt/spine/etc/spine.conf -V 1
SPINE: Using spine config file [/opt/spine/etc/spine.conf]
Version 1.2.22 starting
2022/11/30 05:26:27 - SPINE: Poller[1] PID[694301] PT[140289277032256] ERROR: SS[0] Script Server did not start properly return message was: 'U'
2022/11/30 05:26:27 - SPINE: Poller[1] PID[694301] PT[140289277032256] ERROR: SS[1] Script Server did not start properly return message was: 'U'
Thank you
