I was configuring MediaWiki to allow uploads and was getting an error in the browser about the POST data being too large (“does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit.”). I had a look in the Apache error log and found:
[Thu Feb 23 16:12:45 2012] [error] [client 126.96.36.199] request body exceeds m
aximum size (131072) for SSL buffer, referer: https://www.jj5.net/morpheus/Speci
[Thu Feb 23 16:12:45 2012] [error] [client 188.8.131.52] could not buffer messa
ge body to allow SSL renegotiation to proceed, referer: https://www.jj5.net/morp
So I did some research. I found this document, File upload size which suggested editing /etc/php5/apache2/php.ini which I did:
I had a problem with phpMyAdmin not using encrypted connections.
My server was correctly configured for SSL as indicated by:
SHOW VARIABLES LIKE '%ssl%'
However when I ran:
SHOW STATUS LIKE 'Ssl_cipher'
I got back a null result, indicating that the connection was not encrypted.
Eventually I figured out that the problem was caused by using the ‘mysqli’ provider for my connections in phpMyAdmin. When I switched my connections to use ‘mysql’ instead then encryption started working and an Ssl_cipher was reported.
I’d love to know what the actual problem is, but for now I’m just happy that my connections are actually encrypted. I spent a while hacking on the mysqli dbi interface to try and get it to play nice with SSL but I didn’t make any progress.