Very cool! Thank you! I'll check this out!
On Sun, Jul 26, 2015 at 3:37 AM, Benjamin Lees <emufarmers(a)gmail.com>
wrote:
https://www.mediawiki.org/wiki/Manual:$wgDBssl
On Sat, Jul 25, 2015 at 8:51 PM, Tim Dunphy <bluethundr(a)gmail.com> wrote:
Hi all,
I just added a remote database to my media wiki setup. I can access
the
database from the command line and using that
info the wiki site shows
up
in a browser and works.
But some of the data is sensitive so I need to add an ssl user to
access
the database.
If i add an ssl user to the db, I can also access it from the command
line
of the web server no problem:
[root@ops:~] #mysql -uadmin_ssl -p -h
db.example.com -e "SHOW
DATABASES"
Enter password:
+--------------------+
| Database |
+--------------------+
| certs |
| information_schema |
| jfwiki |
| mysql |
| performance_schema |
+--------------------+
But with the ssl user in place in LocalSettings.php, I'm getting this
response from the browser:
Sorry! This site is experiencing technical difficulties.
Try waiting a few minutes and reloading.
*(Cannot access the database: Access denied for user
'admin_ssl'(a)'ec2-xx-xx-xxx-xx.compute-1.amazonaws.com
<http://ec2-xx-xx-xxx-xx.compute-1.amazonaws.com>' (using password:
YES)
(
db.example.com <http://db.example.com>))*
You can try searching via Google in the meantime.
Note that their indexes of our content may be out of date.
JF Wiki WWW
This is what the grant for the user looks like in the database:
MariaDB [(none)]> show grants for 'admin_ssl'@'
ec2-xx-xx-xxx-xx.compute-1.amazonaws.com';
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for
admin_ssl(a)ec2-xx-xx-xxx-xx.compute-1.amazonaws.com
|
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO
'admin_ssl'@'
ec2-xx-xx-xxx-xx.compute-1.amazonaws.com' IDENTIFIED BY PASSWORD
'*somePasswordHash' REQUIRE SSL |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
I was just wondering what I'd need to do to make this work!! All
suggestions welcomed.
Thanks,
Tim
--
GPG me!!
gpg --keyserver
pool.sks-keyservers.net --recv-keys F186197B
_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l