Mageia forum

share the magic

Skip to content

[SOLVED] phpMyAdmin certificate not trusted on localhost

This forum is dedicated to basic help and support :

Ask here your questions about basic installation and usage of Mageia. For example you may post here all your questions about getting Mageia isos and installing it, configuring your printer, using your word processor etc.

Try to ask your questions in the right sub-forum with as much details as you can gather. the more precise the question will be, the more likely you are to get a useful answer
Post a reply

[SOLVED] phpMyAdmin certificate not trusted on localhost

Postby simonhoare » Feb 19th, '13, 09:13

When I try to access localhost/phpmyadmin (via Firefox and Chromium) the system does so via https and the browser says the certificate is not trusted and asks if I want to continue. While it's more likely to be a faulty set-up on my part, a MITM attack is not entirely unthinkable.

What is the right way to get the browser to trust phpMyAdmin?
I have not touched /etc/phpmyadmin/config.php.

This is the contents of /etc/httpd/conf/sites.d/phpmyadmin.conf, which I slightly amended:
Code: Select all
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
    #Require local granted
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1 192.168
    ErrorDocument 403 "Access denied per /etc/httpd/conf/sites.d/phpmyadmin.c$

    php_flag session.auto_start 0
</Directory>

<Location "/phpmyadmin">
    Options +FollowSymLinks
    RewriteEngine On
    RewriteCond %{SERVER_PORT} ^80$
    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
</Location>

<Directory /usr/share/phpmyadmin/libraries>
    #Require all denied
    Order deny,allow
    Deny from all

</Directory>


MariaDB has a password and Apache itself works fine.
Last edited by simonhoare on Feb 19th, '13, 18:03, edited 1 time in total.
User avatar
simonhoare
 
Posts: 32
Joined: Dec 1st, '12, 18:56
Top

Re: phpMyAdmin certificate not trusted on localhost

Postby simonhoare » Feb 19th, '13, 09:56

Would the MSEC settings help?
User avatar
simonhoare
 
Posts: 32
Joined: Dec 1st, '12, 18:56
Top

Re: phpMyAdmin certificate not trusted on localhost

Postby djennings » Feb 19th, '13, 13:36

phpmyadmin uses a self signed certificate. You could always replace it with a paid for certificate, if you wished.

The certificate is randomly generated when you install phpmyadmin. Just tell your browser to accept the certificate and it will work fine.
User avatar
djennings
 
Posts: 613
Joined: Jun 2nd, '11, 23:51
Location: Wokingham, UK
Top

Re: phpMyAdmin certificate not trusted on localhost

Postby simonhoare » Feb 19th, '13, 18:03

Well if you think I should trust it, I'm happy to. Done.
User avatar
simonhoare
 
Posts: 32
Joined: Dec 1st, '12, 18:56
Top

Re: phpMyAdmin certificate not trusted on localhost

Postby djennings » Feb 19th, '13, 18:18

simonhoare wrote:Well if you think I should trust it, I'm happy to. Done.

A self signed certificate is just as secure as a commercial one. The only difference is because your browser does not know the issuing authority it throws up that message you saw before accepting the certificate.

If in the future you see another similar message on the same browser, then you have a Man in the middle attack. (Although it is not very likely between 2 applications on the same host).

In Mageia phpmyadmin by default will only work to localhost. If you want to allow other hosts to use it you will need to edit the config file at /etc/httpd/conf/webapps.d/phpmyadmin.conf and restart apache.
User avatar
djennings
 
Posts: 613
Joined: Jun 2nd, '11, 23:51
Location: Wokingham, UK
Top
Post a reply

Return to Basic support

Who is online

Users browsing this forum: Google [Bot] and 1 guest

Powered by phpBB® Forum Software © phpBB Group