Tom Vaughan

Reputation: 473

phpMyAdmin with Docker not using SSL when connecting to AWS RDS instance

I am using the phpMyAdmin Docker image to connect to an AWS RDS instance and need it to use SSL. Everything is set as directed by the PMA documentation, but it will not use SSL.

Both config.user.inc.php and rds-combined-ca-bundle.pem are being copied to the /etc/phpmyadmin directory when the container is created.

When logging into the DB server, PMA shows "Server connection: SSL is not being used". When the database user in RDS is set to require SSL, login fails, and when it is set to not require SSL I am able to log in OK. Hopefully someone can help me out with this.

Docker Compose

version: '3.1'

services:
  phpmyadmin:
    image: phpmyadmin/phpmyadmin
    container_name: phpmyadmin
    environment:
      PMA_HOST: somerdsserver.us-east-1.rds.amazonaws.com
      PMA_PORT: 3306
    restart: always
    ports:
      - 8081:80
    volumes:
      - /sessions
      - /home/centos/phpmyadmin/config.user.inc.php:/etc/phpmyadmin/config.user.inc.php
      - /home/centos/phpmyadmin/rds-combined-ca-bundle.pem:/etc/phpmyadmin/rds-combined-ca-bundle.pem

config.user.inc.php

<?php

    // Address of your instance
    $cfg['Servers'][$i]['host'] = 'somerdsserver.us-east-1.rds.amazonaws.com';
    // Use SSL for connection
    $cfg['Servers'][$i]['ssl'] = true;
    // Enable SSL verification
    $cfg['Servers'][$i]['ssl_verify'] = true;
    // You need to have the region CA file and the authority CA file (2019 edition CA for example) in the PEM bundle for it to work
    $cfg['Servers'][$i]['ssl_ca'] = '/etc/phpmyadmin/rds-combined-ca-bundle.pem';

Upvotes: 2

Views: 3055

Answers (2)

William Desportes

Reputation: 1711

Since the last updates of the phpMyAdmin Docker image you can now use:

services:
  phpmyadmin:
    image: phpmyadmin:latest
    container_name: phpmyadmin
    environment:
      PMA_HOST: somerdsserver.us-east-1.rds.amazonaws.com
      PMA_PORT: 3306
      PMA_SSL: 1
      PMA_SSL_VERIFY: 1
      PMA_SSL_CA: /etc/phpmyadmin/ssl/rds-combined-ca-bundle.pem
    restart: always
    ports:
      - 8081:80
    volumes:
      - /sessions
      - /home/centos/phpmyadmin/config.user.inc.php:/etc/phpmyadmin/config.user.inc.php:ro
      - /home/centos/phpmyadmin/rds-combined-ca-bundle.pem:/etc/phpmyadmin/ssl/rds-combined-ca-bundle.pem:ro

Upvotes: 0
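A consistency check for the environment-variable setup in the answer above, added here as an example (it is not part of the original answer or of phpMyAdmin). It assumes the service entry has already been parsed from the compose file into a dict, uses hypothetical function names, and only inspects `environment` and `volumes`; settings made in config.user.inc.php are not examined.

```python
# Added example: verify that PMA_SSL* variables and the CA bundle mount agree.

def mount_targets(volumes):
    """Map container path -> read-only flag, for short- and long-form volumes."""
    targets = {}
    for vol in volumes or []:
        if isinstance(vol, dict):                      # long form
            if vol.get("target"):
                targets[vol["target"]] = bool(vol.get("read_only"))
        else:                                          # short form: [source:]target[:mode]
            parts = str(vol).split(":")
            if len(parts) == 1:
                targets[parts[0]] = False              # anonymous volume
            else:
                mode = parts[2] if len(parts) > 2 else ""
                targets[parts[1]] = "ro" in mode.split(",")
    return targets

def check_pma_tls(service):
    """Return a list of findings; an empty list means the settings agree."""
    env = service.get("environment") or {}
    if isinstance(env, list):                          # list form: ["KEY=value", ...]
        env = dict(item.split("=", 1) for item in env if "=" in item)
    env = {k: str(v) for k, v in env.items()}
    targets = mount_targets(service.get("volumes"))
    findings = []
    if env.get("PMA_SSL") != "1":
        findings.append("PMA_SSL is not 1")
    if env.get("PMA_SSL_VERIFY") != "1":
        findings.append("PMA_SSL_VERIFY is not 1")
    ca = env.get("PMA_SSL_CA")
    if not ca:
        findings.append("PMA_SSL_CA is not set")
    elif ca not in targets:
        findings.append(f"PMA_SSL_CA {ca} is not the target of any volume mount")
    elif not targets[ca]:
        findings.append(f"CA bundle {ca} is mounted read-write; add :ro")
    return findings

# Constructed sample input: the service from the answer above, as a dict.
ANSWER_SERVICE = {
    "environment": {"PMA_SSL": 1, "PMA_SSL_VERIFY": 1,
                    "PMA_SSL_CA": "/etc/phpmyadmin/ssl/rds-combined-ca-bundle.pem"},
    "volumes": ["/sessions", "/home/centos/phpmyadmin/rds-combined-ca-bundle.pem"
                ":/etc/phpmyadmin/ssl/rds-combined-ca-bundle.pem:ro"],
}
# Constructed variant: same variables, but the bundle mounted at the question's path.
MISMATCHED = {**ANSWER_SERVICE, "volumes": [
    "/home/centos/phpmyadmin/rds-combined-ca-bundle.pem:/etc/phpmyadmin/rds-combined-ca-bundle.pem"]}

if __name__ == "__main__":
    print(check_pma_tls(ANSWER_SERVICE), check_pma_tls(MISMATCHED))
```
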

Alex.M

Reputation: 9

You can create a volume in docker-compose and replicate the Apache config and certificates to the container:

  phpmyadmin:
    container_name: phpmyadmin
    hostname: phpadmin.domain
    image: phpmyadmin:latest
    restart: always
    build:
      context: .
      dockerfile: phpmyadmin.dockerfile
    ports:
      - 8080:443
    volumes:
      - ./phpmyadmin/000-default.conf:/etc/apache2/sites-enabled/000-default.conf
      - ./ssl/cert.pem:/etc/ssl/cert.pem
      - ./ssl/cert.key:/etc/ssl/cert.key

phpmyadmin/000-default.conf:

<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    
    SSLEngine on
    
    SSLCertificateFile    /etc/ssl/cert.pem
    SSLCertificateKeyFile /etc/ssl/cert.key
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

To finish, you need to enable ssl with a2enmod and restart Apache. In my case I am using phpmyadmin.dockerfile with:

FROM phpmyadmin
RUN a2enmod ssl

That's it.

Upvotes: -1
