MySQL database connection error using SSL

Post general support questions here that do not specifically fall into the Linux or Windows categories.

Moderators: Developers, Moderators

Post Reply
srx300
Posts: 2
Joined: Tue Nov 29, 2022 6:49 am

MySQL database connection error using SSL

Post by srx300 »

Hello,

I have the working cacti installation and want to migrate the database to the remote MySQL server (cluster). The new MySQL server requires TLSv1.3 and cipher TLS_AES_256_GCM_SHA384. Here is my server configuration and the error message from the web browser:
OS: AlmaLinux 9.1 x86_64

PHP 8.1.13 (cli) (built: Nov 30 2022 04:26:44) (NTS)

PHP modules: bcmath Core ctype curl date dom exif fileinfo filter gd gettext gmp hash iconv imap intl json libxml mbstring mcrypt mysqli mysqlnd openssl pcntl pcre PDO pdo_mysql pdo_sqlite Phar posix readline Reflection session SimpleXML snmp soap sockets sodium SPL sqlite3 standard tokenizer xml xmlreader xmlwriter zip zlib

Database: MariaDB 10.6 Galera cluster

Cacti version: 1.2.22

Cacti database configuration:
$database_type = 'mysql';
$database_default = 'cactidb';
$database_hostname = '10.1.1.1';
$database_username = 'cacti';
$database_password = 'cactipassword';
$database_port = '4006';
$database_retries = 5;
$database_ssl = true;
$database_ssl_key = '/home/cacti/certs/client.key';
$database_ssl_cert = '/home/cacti/certs/client.crt';
$database_ssl_ca = '/home/cacti/certs/server_ca.crt';
The error message:
FATAL: Connection to Cacti database failed. Please ensure:
The PHP MySQL module is installed and enabled.
The database is running.
The credentials in config.php are valid.
I have tried to test the MySQL connection using the PHP script, and it's working fine. Please see below:

Code: Select all

<?php
ini_set('error_reporting', E_ALL);
ini_set('display_errors', '1');
error_reporting(E_ALL|E_STRICT);

$options = array(
	PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
	PDO::MYSQL_ATTR_SSL_KEY => 'certs/client.key',
	PDO::MYSQL_ATTR_SSL_KEY => 'certs/client.crt',
	PDO::MYSQL_ATTR_SSL_CA => 'certs/server_ca.crt',
	PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
);

try {
    $conn = new PDO("mysql:host=10.1.1.1;port=4006;dbname=cactidb", 'cacti', 'cactipassword', $options);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "\nConnected successfully \n\n"; 
    	var_dump($conn->query("SHOW STATUS LIKE 'Ssl_cipher';")->fetchAll());
    	var_dump($conn->query("SHOW SESSION STATUS LIKE 'Ssl_version';")->fetchAll());
	$conn = null;
}
catch(PDOException $e)
    {
    echo "Connection failed: " . $e->getMessage();
}
?>
Here is the MySQL connection test result:
$ php testdb.php

Connected successfully

array(1) {
[0]=>
array(4) {
["Variable_name"]=>
string(10) "Ssl_cipher"
[0]=>
string(10) "Ssl_cipher"
["Value"]=>
string(22) "TLS_AES_256_GCM_SHA384"
[1]=>
string(22) "TLS_AES_256_GCM_SHA384"
}
}
array(1) {
[0]=>
array(4) {
["Variable_name"]=>
string(11) "Ssl_version"
[0]=>
string(11) "Ssl_version"
["Value"]=>
string(7) "TLSv1.3"
[1]=>
string(7) "TLSv1.3"
}
}
I am also using spine, and it seems to work fine. Please see below:
$ /opt/spine/bin/spine -C /opt/spine/etc/spine.conf -V 1
SPINE: Using spine config file [/opt/spine/etc/spine.conf]
Version 1.2.22 starting
2022/11/30 05:26:27 - SPINE: Poller[1] PID[694301] PT[140289277032256] ERROR: SS[0] Script Server did not start properly return message was: 'U'
2022/11/30 05:26:27 - SPINE: Poller[1] PID[694301] PT[140289277032256] ERROR: SS[1] Script Server did not start properly return message was: 'U'
I can't find any other related log files. Please help me to debug my cacti installation and at least give some clues so I can continue to work with this.

Thank you
User avatar
Osiris
Cacti Guru User
Posts: 1424
Joined: Mon Jan 05, 2015 10:10 am

Re: MySQL database connection error using SSL

Post by Osiris »

Start the script server by hand and test. SSL is tricky, but it works.
Before history, there was a paradise, now dust.
srx300
Posts: 2
Joined: Tue Nov 29, 2022 6:49 am

Re: MySQL database connection error using SSL

Post by srx300 »

Hi Osiris,

Thank you for your reply, please tell me what script I need to run manually from the CLI. I have tried to run "php index.php" and it's shown the same error.

Thank you
User avatar
Osiris
Cacti Guru User
Posts: 1424
Joined: Mon Jan 05, 2015 10:10 am

Re: MySQL database connection error using SSL

Post by Osiris »

Search the documentation for a how-to on that subject.
Before history, there was a paradise, now dust.
Post Reply

Who is online

Users browsing this forum: No registered users and 3 guests