I had a problem with phpMyAdmin not using encrypted connections.
My server was correctly configured for SSL as indicated by:
SHOW VARIABLES LIKE '%ssl%'
Which returned:
Variable_name
|
Value
|
have_openssl |
YES |
have_ssl |
YES |
ssl_ca |
/etc/mysql/cacert.pem |
ssl_capath |
|
ssl_cert |
/etc/mysql/server-cert.pem |
ssl_cipher |
|
ssl_key |
/etc/mysql/server-key.pem |
However when I ran:
SHOW STATUS LIKE 'Ssl_cipher'
I got back a null result, indicating that the connection was not encrypted.
Eventually I figured out that the problem was caused by using the ‘mysqli’ provider for my connections in phpMyAdmin. When I switched my connections to use ‘mysql’ instead then encryption started working and an Ssl_cipher was reported.
I’d love to know what the actual problem is, but for now I’m just happy that my connections are actually encrypted. I spent a while hacking on the mysqli dbi interface to try and get it to play nice with SSL but I didn’t make any progress.