Set Magento MySQL Connection to Use SSL

Tags: configuration, MySQL, security

We have a Magento site on a VM with 2GB of RAM. Right now, both Apache and MySQL are running on that same VM. Since that's just not enough RAM for this site, I have been tasked with separating the MySQL server onto a separate 2GB VM (which is running on a different host machine in the same datacenter).

Because the network between the two VMs is not secure, I want to use SSL on the MySQL connection between them. I cannot seem to find how to tell Magento to use SSL.

I know that in PDO directly I would do something like this:

<?php
// Plain PDO: the SSL material is passed as driver options on the connection.
$db = new PDO(
    'mysql:host=hostname;dbname=ssldb',
    'username',
    'password',
    array(
        PDO::MYSQL_ATTR_SSL_KEY  => '/path/to/client-key.pem',
        PDO::MYSQL_ATTR_SSL_CERT => '/path/to/client-cert.pem',
        PDO::MYSQL_ATTR_SSL_CA   => '/path/to/ca-cert.pem'
    )
);

Where in the config file would I put those SSL options though?

Best Answer

Not really any clean solution for this, as the class in question is under lib, so you can't rewrite it as per a normal model etc. Have a look at class Zend_Db_Adapter_Pdo_Abstract and protected method _connect(). This is where you will see the call to new PDO() and where you need to make the changes. As the only option for overriding this method is to move the entire class to the local codepool, there is a better, much shorter class you can move instead. Class Magento_Db_Adapter_Pdo_Mysql extends off Zend_Db_Adapter_Pdo_Abstract, and as method _connect() is protected and not private, you can copy it into the class and it will run instead of the Zend class method.

So copy lib/Magento/Db/Adapter/Pdo/Mysql.php to app/code/local/Magento/Db/Adapter/Pdo/Mysql.php, add the _connect() method from class Zend_Db_Adapter_Pdo_Abstract and make the necessary changes to the new PDO() call.

Note that the classes here are only relevant from 1.8CE onwards - lib/Magento/ didn't exist before that. Also bear in mind moving core files to the local codepool is not a good way of doing things. Even though it's the only real option that I can see in this case, it's still not good practice.
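A worked version of the override described above, added here as an illustration rather than code from the answer or from Magento itself. It assumes the ZF1 layout of Zend_Db_Adapter_Pdo_Abstract::_connect() (compare with the copy shipped in your lib/Zend), and three assumed keys, ssl_key, ssl_cert and ssl_ca, added to the connection node in app/etc/local.xml, which the adapter receives through $this->_config. After connecting it checks that the session really negotiated TLS, so a misconfiguration fails loudly instead of silently falling back to plaintext.

```php
<?php
/**
 * app/code/local/Magento/Db/Adapter/Pdo/Mysql.php
 * A copy of lib/Magento/Db/Adapter/Pdo/Mysql.php: keep the original
 * class body and extends clause as copied; only _connect() is added.
 */
class Magento_Db_Adapter_Pdo_Mysql extends Zend_Db_Adapter_Pdo_Mysql // as in the copied file
{
    // ... the copied class body stays unchanged ...

    /**
     * Based on Zend_Db_Adapter_Pdo_Abstract::_connect() (ZF1 layout assumed),
     * extended so new PDO() receives the SSL driver options.
     */
    protected function _connect()
    {
        if ($this->_connection) {
            return; // already connected
        }
        if (!extension_loaded('pdo')) {
            throw new Zend_Db_Adapter_Exception('The PDO extension is required for this adapter');
        }
        // Start from any driver_options already configured, then add SSL.
        $options = isset($this->_config['driver_options']) ? $this->_config['driver_options'] : array();
        $sslKeys = array('ssl_key' => PDO::MYSQL_ATTR_SSL_KEY,   // assumed local.xml keys
                         'ssl_cert' => PDO::MYSQL_ATTR_SSL_CERT,
                         'ssl_ca' => PDO::MYSQL_ATTR_SSL_CA);
        foreach ($sslKeys as $configKey => $pdoAttr) {
            if (empty($this->_config[$configKey]) || !is_readable($this->_config[$configKey])) {
                throw new Zend_Db_Adapter_Exception("Connection config '$configKey' is missing or unreadable");
            }
            $options[$pdoAttr] = $this->_config[$configKey];
        }
        if (defined('PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT')) {
            $options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = true; // keep server cert checking on where available
        }
        $dsn = $this->_dsn();
        $q = $this->_profiler->queryStart('connect', Zend_Db_Profiler::CONNECT);
        try {
            $this->_connection = new PDO($dsn, $this->_config['username'], $this->_config['password'], $options);
            $this->_profiler->queryEnd($q);
            $this->_connection->setAttribute(PDO::ATTR_CASE, $this->_caseFolding);
            $this->_connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            // Verify the session is actually encrypted; Ssl_cipher is empty on a plaintext link.
            $row = $this->_connection->query("SHOW STATUS LIKE 'Ssl_cipher'")->fetch(PDO::FETCH_ASSOC);
            if (empty($row['Value'])) {
                $this->_connection = null;
                throw new Zend_Db_Adapter_Exception('MySQL connection is not using SSL; aborting');
            }
        } catch (PDOException $e) {
            throw new Zend_Db_Adapter_Exception($e->getMessage(), $e->getCode(), $e);
        }
    }
}
```

The SSL checks belong in the Magento class, not the Zend one, so a later Zend library update does not silently drop them.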