SSL cPanel mySql setup

J. Landman Gay jacque at hyperactivesw.com
Fri Oct 16 14:09:37 EDT 2020 

When I get a stack like that it's usually easier to figure out what it does 
and just rewrite it from scratch.

--
Jacqueline Landman Gay | jacque at hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On October 16, 2020 12:16:52 PM Pi Digital via use-livecode 
<use-livecode at lists.runrev.com> wrote:

> Bill
>
> Thanks for this. We were just discussing the same solution. I already have 
> some php scripts I’m using for the HTML5 deployment of a LC stack as a 
> portal to the same database.
>
> The whole thing needs an overhaul. I’ve inherited this world of pain that 
> has been 10-15years of amateur coding. A testament to LCs ease of learning 
> for my client who had no coding background before. But, boy, is it a mess. 
> The call to the server along with all the credentials had been copy pasted 
> over 900 times inside 700 objects. That’s just counting each time it opens 
> a connection to the database. Bonkers!
>
> I think we’ve got a plan of attack now and some light at the end of this 
> very long tunnel. Let’s see how much speed I can get out of this chuff 
> chuff in the tunnel.
>
> Sean Cole
> Pi Digital
>
>
>> On 16 Oct 2020, at 17:31, William Prothero via use-livecode 
>> <use-livecode at lists.runrev.com> wrote:
>>
>> Sean:
>> You might find this download interesting, perhaps useful:
>> http://earthlearningsolutions.org/wp-content/uploads/2018/07/RemoteDbEncryption.livecode.zip 
>> <http://earthlearningsolutions.org/wp-content/uploads/2018/07/RemoteDbEncryption.livecode.zip>
>>
>> It is a demo of AES encryption that I use. The livecode app encrypts it, 
>> sends to a php file, which decrypts it and posts to a mysql database. You 
>> could even store the data encrypted if you want, but I like to access the 
>> db with phpMyAdmin.
>>
>> Best,
>> Bill
>>
>> William A. Prothero
>> https://earthlearningsolutions.org
>>
>>> On Oct 16, 2020, at 2:51 AM, matthias rebbe via use-livecode 
>>> <use-livecode at lists.runrev.com> wrote:
>>>
>>> Hi Sean,
>>>
>>> there was a discussion a few weeks ago with the topic "Strange behavior 
>>> between Mysql, MariaDB and SSL."
>>> I am not sure if the information in that discussion will solve your problem.
>>>
>>> Another approach is the following. For security reasons we do not let 
>>> communicat our LC apps directly with MySQL Databases, if the Database is 
>>> hosted on a public server.
>>>
>>> We using a Livecode Server Script on the Webserver for doing the complete 
>>> DB communication.
>>> Our standalones (Mobile and Desktop) send the requests (password encrypted 
>>> string) either as POST or GET to the LC Server script. The script encrypts 
>>> the  request string and executes it. The return from the DB is then 
>>> returned to our standalone.
>>>
>>> Another way would be to use an LC server api HostM is providing for free.
>>> https://www.hostm.com/tutorials/livecode/api-mariadb-mysql
>>>
>>>
>>> Regards,
>>> Matthias
>>>
>>> -
>>> Matthias Rebbe
>>> Life Is Too Short For Boring Code
>>>
>>>>> Am 16.10.2020 um 10:34 schrieb Pi Digital via use-livecode 
>>>>> <use-livecode at lists.runrev.com>:
>>>>
>>>> Hi
>>>>
>>>> I’ve found myself out of my depth and in need of advice.
>>>> We have a cPanel webspace with mySQL running on a phpMyAdmin layer within 
>>>> the cPanel setup. Communicating with it from LC has been a breeze. However, 
>>>> doing a traffic scan we noticed that our queries and responses from the 
>>>> database are completely visible. Obviously a high security risk.
>>>>
>>>> Using an ssl certificate set, how do I implement this? How do I get cPanel 
>>>> to allow for it and get LC to make use of them when using revOpenDatabase? 
>>>> I have the useSSL flag set to Boolean ‘true’. I’ve tried using the set 
>>>> certificates pointing it at the three ssl files. But the data still is 
>>>> fully readable as plaintext in both direction when checked by our traffic 
>>>> scanner.
>>>>
>>>> Thanks
>>>>
>>>> Sean
>>>>
>>>> _______________________________________________
>>>> use-livecode mailing list
>>>> use-livecode at lists.runrev.com
>>>> Please visit this url to subscribe, unsubscribe and manage your 
>>>> subscription preferences:
>>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>>
>>> _______________________________________________
>>> use-livecode mailing list
>>> use-livecode at lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your 
>>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
>> _______________________________________________
>> use-livecode mailing list
>> use-livecode at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your 
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your 
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode

More information about the use-livecode mailing list