none
How to download the Baltimore Certificate to Azure App Service? RRS feed

  • Question

  • Hello there!

    I use an Azure App Service plan (linux) hosting an App Service for a simple website. Within this website (PHP), I have a HTML formular, which sends the data entered by the user to an Azure MySQL database. Without SSL it worked. Now I configure SSL/TLS on the database side, as well as on the app service side. Refering to the DOCS, the code to connect to a MySQL database using PHP via SSL looks like this:

    $conn = mysqli_init();
    mysqli_ssl_set($conn,NULL,NULL, "/var/www/html/BaltimoreCyberTrustRoot.crt.pem", NULL, NULL) ; 
    mysqli_real_connect($conn, 'mydemoserver.mysql.database.azure.com', 'myadmin@mydemoserver', 'yourpassword', 'quickstartdb', 3306, MYSQLI_CLIENT_SSL);
    if (mysqli_connect_errno($conn)) {
    die('Failed to connect to MySQL: '.mysqli_connect_error());
    }

    But I get a error message "Failed to connect to MySQL". The credentials are ok. It must be the certificate.

    Unfortunately, there's no step how to get the certification file in this path (Or inside the app service at all). So how do I do it?

    Best regards

    • Edited by Eiffelsturm Friday, August 16, 2019 12:12 PM added error message
    Friday, August 16, 2019 12:10 PM

Answers

  • As highlighted here, you will need to use the Baltimore cert for your web app. Once you have it, you can place it within your site by using FTPS as one method and place it in the wwwroot folder of your site. You can then edit the path called in your code to align with where you placed it in the root. Never place your cert into your source control. You should only upload it using FTPS.

    Also, it's not considered best practice to hard code your connection string into your site files. The recommended method is to use the connection string blade in the portal as described here, and then reference the connection string in your code to avoid exposing your password.

    Saturday, August 17, 2019 8:21 AM
    Moderator