Ivan Gabriele Ivan Gabriele - 1 month ago 12
YAML Question

Symfony : how to set SSL parameters in Doctrine DBAL configuration (YAML)?

I'd like to add my SSL cert and key files to Doctrine DBAL configuration but I don't see how to achieve that.

In PHP, I just have to write something like :

$databaseHandler = new \PDO(
'mysql:host=my_host;dbname=my_db',
'username',
'password',
array(
\PDO::MYSQL_ATTR_SSL_KEY => '.../client-key.pem',
\PDO::MYSQL_ATTR_SSL_CERT => '.../client-cert.pem',
\PDO::MYSQL_ATTR_SSL_CA => '.../ca-cert.pem'
)
);


I understand there is a Custom Driver Option
driverOptions
, and I saw this answer but I'm not sure about how to translate that into YAML.

I have the feeling I should write something close to :

doctrine:
dbal:
driver: "%database_driver%"
host: "%database_host%"
port: "%database_port%"
dbname: "%database_name%"
user: "%database_user%"
password: "%database_password%"
charset: UTF8
driverOptions:
PDO::MYSQL_ATTR_SSL_CA: '.../client-key.pem'
PDO::MYSQL_ATTR_SSL_CERT: '.../client-cert.pem'
PDO::MYSQL_ATTR_SSL_CA: '.../ca-cert.pem'


But double colons won't really please YAML...

Answer

Symfony configuration via yaml (and possibly xml), doesn't allow the keys to be dynamically set, which means you can't use the constants. To get around this, you can create an extra PHP config file that just handles making a key out of the constants.

The solution in a Gist is here: https://gist.github.com/samsch/d5243de3924a8ad10df2

The two major features that this utilizes are that a PHP config file can use any string value for the key, including variables, constants; and that you can use parameters as values for other parameters (something I didn't know until I tried it recently.)

So, you add the PHP config file in config.yml:

imports:
    - { resource: parameters.yml }
    - { resource: pdo-constants.php }

pdo-constants.php is this:

<?php
$container->setParameter("pdo_options", [
    PDO::MYSQL_ATTR_SSL_CA => "%pdo_ca_file%",
]);

Add any other constants you need as well.

Then in parameters.yml, you just need the values for your constants:

parameters:
#...
    pdo_ca_file: /pathtocerts/certs/mysql-ca.pem

Now, I'm guessing that working with another DB system which uses PDO constants would be similar, but I've only used this MySQL.