How to setup AWS rds with SSL with phpmyadmin

Question

I want to encrypt the connection to db from phpmyadmin using SSL. I am confused on how to use bundle certificate

Answer 1

First you have to download the certificate by visiting here: Download an SSL certificate for your managed database in Amazon Lightsail

Here is a direct link for combined ca bundle: rds-combined-ca-bundle.pem

Now copy this 'rds-combined-ca-bundle.pem' file to your phpMyAdmin folder and search for config.inc.php file.

open this file (config.inc.php) in notepad or in any text editor and write the below lines:

$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i]['ssl_ca'] = 'rds-combined-ca-bundle.pem';
$cfg['Servers'][$i]['ssl_mode'] = 'VERIFY_IDENTITY';

Now save the file and visit you host (http://localhost/phpMyAdmin).

Update: You may download the Global Bundle which has all of the certificates including the new rds-ca-rsa2048-g1

Answer 2

You have to set it up as described in the docs using $cfg['Servers'][$i]['ssl'] option:

Whether to enable SSL for the connection between phpMyAdmin and the MySQL server to secure the connection.

Answer 3

This worked for me:

Upload the rds-combined-ca-bundle.pem to some path that phpMyAdmin can access.

Then set the following configuration vars in config.inc.php:

$cfg['Servers'][$i]['ssl_ca_path'] = '/path/to/';
$cfg['Servers'][$i]['ssl_key'] = 'rds-combined-ca-bundle.pem';
$cfg['Servers'][$i]['ssl_cert'] = 'rds-combined-ca-bundle.pem';
$cfg['Servers'][$i]['ssl_ca'] = '/path/to/rds-combined-ca-bundle.pem';