SSL Connection to RDS Instances in phpMyAdmin

  • Post author:
  • Post category:IT
  • Post comments:0评论

Setting up SSL connection between phpMyAdmin and the RDS MySQL server is quite straight forward. Below is a demo setup on Amazon Linux with phpMyAdmin 4.4.14. The web server is Apache with PHP 5.

First of all we download and unzip phpMyAdmin. At the same time we download the root certificate for RDS to the phpMyAdmin folder:

$ cd /var/www/html
$ wget https://files.phpmyadmin.net/phpMyAdmin/4.4.14/phpMyAdmin-4.4.14-all-languages.zip
$ unzip phpMyAdmin-4.4.14-all-languages.zip
$ cd phpMyAdmin-4.4.14-all-languages.zip
$ cp config.sample.inc.php config.inc.php 
$ wget https://s3.amazonaws.com/rds-downloads/rds-ca-2015-root.pem

Now edit config.inc.php, using the following configurations for the “First server”, which is your RDS instance.

/*
 * First server
 */
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'instance-name.xxxxxxxxxxxx.ap-southeast-2.rds.amazonaws.com';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i][''] = '/var/www/html/phpMyAdmin-4.4.14-all-languages/rds-ca-2015-root.pem';

You will probably need to restart httpd to make things work.

$ sudo service httpd restart

At this point, you can use phpMyAdmin to login to your RDS instance. After you login, us the following SQL query to verify the SSL connection:

show status like 'Ssl_cipher';

If you see the following result, the SSL connection is successful:

Variable_name 	Value 	
Ssl_cipher 	AES256-SHA

发表回复