That flag uses SSL encryption but disables validation of the provided SSL certificate. This is only for installations using MySQL Native Driver and MySQL 5.6 or later. On Wed, Mar 22, 2023 at 4:50 PM John Wythe <JWythe@xxxxxxxxxx> wrote: > mysqli_real_connect has a parameter called flags than can be passed to > it. One of the flags in *MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT.* > > > > What does this flag do? Does it only disable the CN validation, or does > it also disable the certificate validation against a CA authority. > > > > SSL_CONEXT talks about options > > > > peer_name > > peer_verify > > peer_verify_name > > > > I would like to use these to at least disable only the verify_name part, > or maybe even set the peer_name and have both validations turned on. > > > > Seems this context function is only available for streams and not mysqli. > > > > Openssl seems to have the ability to do this, however it does not appear > to be exposed via mysqli. I am guessing the flag above equates to peer > verify and not peer_verify_name, or equates to both. > > > > I suppose I could download the source for php_pmysqli, and have a look, > would that be the correct package to look at? > > > > > > John Wythe > Software & Systems Engineer > Epicor Software Corporation > www.epicor.com > > Ph: 250-260-6495 > TF Support: 800-678-7423 > E-Mail: jwythe@xxxxxxxxxx > Support E-Mail: *SilkSupport@xxxxxxxxxx <SilkSupport@xxxxxxxxxx>* > > *Support portal:* *https://epicorcs.service-now.com/epiccare/ > <https://epicorcs.service-now.com/epiccare/>* > > <http://www.epicor.com/services/default.aspx> > > >
