Reputation: 245
PHP postgres enable ssl support
Sorry to get back to you for a question that has been asked many years ago. But I am really stuck with this. I have a legacy application which is very old, running PHP 5.2.17. I followed this guide to setup my docker container https://andrewscaya.net/blog/bringing-php-52-back-life
I have everything setup correctly. I made a downloaded and compiled a PHP installation and configured this with Apache. And its working fine with php.
However, it is essential that I have SSL support (in PHP) for the POSTGRES connection. Which is now default not enabled according to PHPINFO
I have basically the very same problem somebody else had many years ago. SSL support of Pgsql
See:
Enable SSL support for pgsql
So from what I am understanding is that I need to recompile PHP again, but with a package called libpg ? Where do I get this package and how can I compile this with the PHP source code?
Upvotes: 1
Views: 352
Answers (2)
Reputation: 786
In the long-run I would recommend upgrading PHP versions, but I understand that this can be a lot of work. There are many good guides on upgrading versions. I recommend going through the version upgrades one-by-one, dealing with deprecated features and other potential problems one-at-a-time and testing each script.
In the short-term, I'm not sure if this would work, but PDO is supported in 5.2 (actually in 5.1 even) and as it simply passes info to the PostgreSQL library, I would expect SSL support to work. I have used it in 5.4, and I am not aware of any changes made between those two versions.
There is a solution here, by IMSoP, that explains how to get this working and points you to more official documentation if you need more info: Connecting to PGSQL over SSL via PHP PDO
If this fails, a second approach that I would try would be to create an SSH tunnel to connect to a local port. An example would be:
ssh -L 127.0.0.1:5443:127.0.0.1:5432 username@remoteboxaddress
Then you can initiate what looks to PHP like a local connection on port 5433, but it will actually be a (secure) SSH tunnel to the remote box. This will also require that the remote box is configured to accept (non-encrypted) local connections, and that you have SSH access to it. Then, if you test it out and it works, you can make a script to start the tunnel on boot, or better yet, when the webserver is started; this necessitates using an authentication method like keys stored in a file, that doesn't require the entering of a password. So...there are a lot of "if's" here, in terms of whether or not you will be able to get this solution to work, but it can be done if you have root access on both servers, and occasionally if you do not, depending on how they are configured.
Hopefully, one of these two solutions will work for you.
Upvotes: 0
Reputation: 245
After 2 days of searching I finally found LAPP stack which has some older versions available with pgsql ssl support https://community.bitnami.com/t/can-i-get-the-installers-for-wapp-and-lapp-stacks-for-5-4-45/38548
Upvotes: 0
Related Questions
- psql: server does not support SSL, but SSL was required
- Using psql to connect to PostgreSQL in SSL mode
- Error: The server does not support SSL connections
- Enable SSL support for pgsql
- MacOS Mojave and pg_connect with SSL
- PHP & PostgreSQL – sslmode value "require" invalid when SSL support is not compiled
- Connecting to PGSQL over SSL via PHP PDO
- SSL connection error in PostgreSQL 8.0
- Enable SSL connections on PostgreSQL server
- How to check if PostgreSQL installation supports SSL?