https://www.mediawiki.org/wiki/Manual:$wgDBssl
Very cool! Thank you! I'll check this out! On Sun, Jul 26, 2015 at 3:37 AM, Benjamin Lees <[email protected]> wrote: > https://www.mediawiki.org/wiki/Manual:$wgDBssl > > On Sat, Jul 25, 2015 at 8:51 PM, Tim Dunphy <[email protected]> wrote: > > Hi all, > > > > I just added a remote database to my media wiki setup. I can access the > > database from the command line and using that info the wiki site shows up > > in a browser and works. > > > > But some of the data is sensitive so I need to add an ssl user to > access > > the database. > > > > If i add an ssl user to the db, I can also access it from the command > line > > of the web server no problem: > > > > [root@ops:~] #mysql -uadmin_ssl -p -h db.example.com -e "SHOW DATABASES" > > Enter password: > > +--------------------+ > > | Database | > > +--------------------+ > > | certs | > > | information_schema | > > | jfwiki | > > | mysql | > > | performance_schema | > > +--------------------+ > > > > But with the ssl user in place in LocalSettings.php, I'm getting this > > response from the browser: > > > > Sorry! This site is experiencing technical difficulties. > > > > Try waiting a few minutes and reloading. > > > > *(Cannot access the database: Access denied for user > > 'admin_ssl'@'ec2-xx-xx-xxx-xx.compute-1.amazonaws.com > > <http://ec2-xx-xx-xxx-xx.compute-1.amazonaws.com>' (using password: YES) > > (db.example.com <http://db.example.com>))* > > > > You can try searching via Google in the meantime. > > Note that their indexes of our content may be out of date. > > > > JF Wiki WWW > > > > This is what the grant for the user looks like in the database: > > > > MariaDB [(none)]> show grants for 'admin_ssl'@' > > ec2-xx-xx-xxx-xx.compute-1.amazonaws.com'; > > > +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ > > | Grants for [email protected] > > > > | > > > +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ > > | GRANT ALL PRIVILEGES ON *.* TO 'admin_ssl'@' > > ec2-xx-xx-xxx-xx.compute-1.amazonaws.com' IDENTIFIED BY PASSWORD > > '*somePasswordHash' REQUIRE SSL | > > > +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ > > 1 row in set (0.00 sec) > > > > I was just wondering what I'd need to do to make this work!! All > > suggestions welcomed. > > > > Thanks, > > Tim > > > > -- > > GPG me!! > > > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B > > _______________________________________________ > > MediaWiki-l mailing list > > To unsubscribe, go to: > > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > > _______________________________________________ > MediaWiki-l mailing list > To unsubscribe, go to: > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
