How to connect to Amazon RDS via SSL?

伪装坚强ぢ 2021-01-03 21:27

I'm trying to set up an SSL connection to a MySQL database hosted via Amazon RDS. I'm confused as to how to connect.

According to Amazon's documentation, I need t

1 answer
  • 2021-01-03 22:28

    The RDS documentation actually explains why this is happening, and suggests that you don't even need the CA cert:

    Amazon RDS began updating the SSL certificates on all DB instances on March 23, 2015, but did not initiate a reboot of the instances. No operational impact or downtime is incurred when these updates are performed, and in many situations we will perform the update in your maintenance window. Amazon RDS will not update the certificate for your instances if you have already performed the update. Also note that Amazon RDS is not updating the certificates in AWS GovCloud (US) and the China (Beijing) regions.

    Regardless of whether you manually update the certificate or Amazon RDS updated the certificate, the DB instance must be rebooted for the new certificate to take effect. You can decide when you want to manually reboot the DB instance, but you must update the certificate and reboot the instance before the old certificate (rds-ca-2010) expires on April 3, 2015.

    You can check the certificate authority (CA) being used by your DB instance using the Amazon RDS console. The CA is listed under the Security and Network section of your DB instance details. If your instance shows rds-ca-2015, then the new certificate has been successfully applied. You still need to reboot your database instance and update your client application to use the new SSL certificate.

    If the Amazon RDS console shows your instance CA as rds-ca-2010, then the new certificate has not been applied to your database instance yet. Use the instructions following to update the SSL certificate on your database instances.

    The 3rd parameter is essentially being ignored by the client. I'm betting by setting the 3rd param to NULL, there is no point in calling mysqli::ssl_set() if all the params are null.

    Try removing that function call altogether.

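The answer above turns on what the third argument of mysqli::ssl_set() (the CA file) does. As an added example, not code from the question or the answer, the PHP below passes a CA bundle as that argument, requests TLS with MYSQLI_CLIENT_SSL, and then asks the server which cipher the session negotiated. The host name, the environment variable names and the CA bundle path are placeholders assumed for illustration.

```php
<?php
// Added example: connect to MySQL over TLS and confirm the session is encrypted.
// RDS_HOST, RDS_USER, RDS_PASS, RDS_CA_FILE are assumed variable names; the
// defaults below are placeholders, not values from the original post.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function connect_rds_tls(string $host, string $user, string $pass, string $caFile): mysqli
{
    if (!is_readable($caFile)) {
        throw new RuntimeException("CA bundle not readable: $caFile");
    }
    $db = mysqli_init();
    // Argument order: key, cert, CA file, CA directory, cipher list.
    // Only the 3rd argument (CA file) is set here.
    $db->ssl_set(null, null, $caFile, null, null);
    // MYSQLI_CLIENT_SSL asks the client library to negotiate TLS.
    $db->real_connect($host, $user, $pass, null, 3306, null, MYSQLI_CLIENT_SSL);
    return $db;
}

function session_cipher(mysqli $db): string
{
    // Ssl_cipher is empty when the session is not encrypted.
    $row = $db->query("SHOW SESSION STATUS LIKE 'Ssl_cipher'")->fetch_assoc();
    return $row['Value'] ?? '';
}

$db = connect_rds_tls(
    getenv('RDS_HOST') ?: 'mydb.example.invalid',        // placeholder host
    getenv('RDS_USER') ?: 'app_user',                    // placeholder user
    getenv('RDS_PASS') ?: '',
    getenv('RDS_CA_FILE') ?: '/path/to/rds-ca-bundle.pem' // placeholder path
);

$cipher = session_cipher($db);
if ($cipher === '') {
    fwrite(STDERR, "Connection is NOT encrypted\n");
    exit(1);
}
echo "TLS negotiated, cipher: {$cipher}\n";
```

A non-empty Ssl_cipher shows that the session is encrypted; it does not by itself show that the server certificate was validated against the CA file.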