docker icon indicating copy to clipboard operation
docker copied to clipboard
verified publisher icon phpmyadmin

PMA_SSL_VERIFY is ignored

Open h-fukamachi opened this issue 11 months ago • 1 comments

tags: 5.2.2

When connecting over TLS to proxysql using self-signed certificates, I set PMA_SSL_VERIFY to 0 because CN verification fails if an IP address is specified in PMA_HOST, but it did not work. I started the container with the following variables.

PMA_HOST: "192.168.xxx.xxx"
PMA_PORT: "6033"
PMA_SSL: "1"
PMA_SSL_VERIFY: "0"
PMA_SSL_CA_BASE64: "self-signed CA file (BASE64 encoded)"

If $ssl_verifies[$i - 1] is not 1 in config.inc.php, the value of PMA_SSL_VERIFY seems to be ignored.

https://github.com/phpmyadmin/docker/blob/24c2f1f855bfa93c9c2640261f601620bf312f17/config.inc.php#L145

As a solution, I installed the following config.user.inc.php, which allows phpmyadmin to connect to proxysql, which uses self-signed certificates, over TLS.

config.user.inc.php

<?php
if ($_ENV['PMA_SSL'] && isset($_ENV['PMA_SSL_VERIFY'])) {
    for ($i = 1; isset($hosts[$i - 1]); $i++) {
        $cfg['Servers'][$i]['ssl_verify'] = $_ENV['PMA_SSL_VERIFY'];
    }
}

h-fukamachi avatar Mar 28 '25 09:03 h-fukamachi

Thank you for reporting this @h-fukamachi ! Would you contribute a pull-request to fix this ?

williamdes avatar Aug 29 '25 23:08 williamdes