Hi all,
I just added a remote database to my media wiki setup. I can access the
database from the command line and using that info the wiki site shows up
in a browser and works.
But some of the data is sensitive so I need to add an ssl user to access
the database.
If i add an ssl user to the db, I can also access it from the command line
of the web server no problem:
[root@ops:~] #mysql -uadmin_ssl -p -h
db.example.com -e "SHOW DATABASES"
Enter password:
+--------------------+
| Database |
+--------------------+
| certs |
| information_schema |
| jfwiki |
| mysql |
| performance_schema |
+--------------------+
But with the ssl user in place in LocalSettings.php, I'm getting this
response from the browser:
Sorry! This site is experiencing technical difficulties.
Try waiting a few minutes and reloading.
*(Cannot access the database: Access denied for user
'admin_ssl'(a)'ec2-xx-xx-xxx-xx.compute-1.amazonaws.com
<http://ec2-xx-xx-xxx-xx.compute-1.amazonaws.com>' (using password: YES)
(
db.example.com <http://db.example.com>))*
You can try searching via Google in the meantime.
Note that their indexes of our content may be out of date.
JF Wiki WWW
This is what the grant for the user looks like in the database:
MariaDB [(none)]> show grants for 'admin_ssl'@'
ec2-xx-xx-xxx-xx.compute-1.amazonaws.com';
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for admin_ssl(a)ec2-xx-xx-xxx-xx.compute-1.amazonaws.com
|
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'admin_ssl'@'
ec2-xx-xx-xxx-xx.compute-1.amazonaws.com' IDENTIFIED BY PASSWORD
'*somePasswordHash' REQUIRE SSL |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
I was just wondering what I'd need to do to make this work!! All
suggestions welcomed.
Thanks,
Tim
--
GPG me!!
gpg --keyserver
pool.sks-keyservers.net --recv-keys F186197B