PHP based utility to do the re-encryption to migration application from PHP 5.5 to PHP 5.6

Context : The idea is to execute the php based utility which decrypts the column1 and column2 of table1 and table2 as well with crypt_key of size 12  and then encrypts the same column1 and column2 with crypt_key of size 24 in database. Now we can upgrade the app from PHP 5.5 to PHP 5.6. Followings are the steps which are needed to perform the desired task –

  1. Take the backup of application database. Please follow the below steps to take the backup –
    1. Go to Mysql installation bin directory (Mine is C:\Program Files\MySQL\MySQL Server 5.7\bin).
    2. Execute the below command and it’ll prompt for the database_password.
      1. C:\Program Files\MySQL\MySQL Server 5.7\bin> mysqldump -u database_user –password -h localhost database_name > C:\Users\tangupta\Desktop\AppDatabase_Backup.sql (Please change this path where you want to take backup)
        Enter password: ***********
      2. In case, you are not able to run the above command and getting the error like “mysqldump: Got error: 1045: Access denied for user ‘ODBC’@’localhost’ (using password: NO) when trying to connect”, Please check whether you had granted all the privilages on this database (local_app) in Mysql. if not , Please execute the below command on Mysql Command line client for the same –                       mysql> grant all privileges on db_name.* to ‘username’@’localhost’ identified by ‘password’;
  2. Execute the PHP script to decrypt and then encrypt the keys (column1 and column12 of table1 and table2 as well) in database. Please follow the below steps to execute the PHP script –
    1. Go to the path where script is saved (Mine is C:\xampp\htdocs)
    2. Execute the below command to do the same –
      1. C:\xampp\htdocs>php MigrationScript.php 127.0.0.1 local_user local_pass local_dbname 012345678901 012345678901234567890123 C:\Users\tangupta\Desktop\DbMigrationScriptLogs.txt
        1. MigrationScript.php (Name of the PHP Script)
        2. 127.0.0.1 (ServerName)
        3. local_user (database_user)
        4. local_pass (database_password)
        5. local_dbname (database_name)
        6. 012345678901 (Old 12 characters Encrypt Key as stored in PHP 5.5 chef recipe)
        7. 012345678901234567890123 (New 24 characters Encrypt Key as stored in PHP 5.6 chef recipe)
        8. C:\Users\tangupta\Desktop\DbMigrationScriptLogs.txt (path where you want to save the script logs)
          Note* – If you are not able to execute the script because of invalid character error, Please give the arguments in single quotes (Ex- ‘012345678901’). If there is some issue regarding database access with the user, please execute the query mentioned in step 1. (a. (ii.)).
      2. Now script will give ask user whether he/she wants to execute the script or not (Yes or No). If yes, script will continue to execute else it will halt the execution.
  3. Upgrade the App from PHP 5.5 to PHP 5.6.
  4. Update the crypt_key as per PHP5.6 statndard (Only keys of sizes 16, 24 or 32 supported) in the chef-recipe-bag.
  5. Deploy the application.
  6. In case there is any failure, Please rollback the database by using below steps-
    1. Go to Mysql Command line client.
    2. Execute the below command to restore from DB backup created at step 1 –
      1. mysql> source  C:\Users\tangupta\Desktop\AppDatabase_Backup.sql (Path where you took the db backup, please change this accordingly.)
    3. Downgrade the App from PHP 5.6 to PHP 5.5.
    4. Revert to the old 12 character encryt key in chef recipe and rebuild the app server.
  7. Finish.

How to create a self signed ssl cert with no passphrase for your test server

  1. Generate your key with openssl openssl genrsa -out server.key 1024

Output:

Generating RSA private key, 1024 bit long modulus

……………………..++++++

……………………………………………………………………….++++++

e is 65537 (0x10001)

  1. Use your key to create your ‘Certificate Signing Request’ – and leave the passwords blank to create a testing ‘no password’ certificate

openssl req -new -key server.key -out server.csr

Output:

You are about to be asked to enter information that will be incorporated into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ‘.’, the field will be left blank.


Country Name (2 letter code) [AU]:

State or Province Name (full name) [Some-State]:

Locality Name (eg, city) []:

Organization Name (eg, company) [Internet Widgits Pty Ltd]:

Organizational Unit Name (eg, section) []:

Common Name (eg, YOUR name) []:

Email Address []:

Please enter the following ‘extra’ attributes to be sent with your certificate request

A challenge password []:

An optional company name []:

 

Note* – Please use the same name (For me root name is other.local-dev.creativesign.com, Please change yours) for the below parameters –

Organization Name = other.local-dev.creativesign.com

Organizational Unit Name = other.local-dev.creativesign.com

Common Name = other.local-dev.creativesign.com

  1. Now create your ssl certicates for apache

openssl x509 -req -days 366 -in server.csr -signkey server.key -out server.crt

Signature ok

subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd

Getting Private key

  1. Check the resultant files

ls

Output: server.crt server.csr server.key server.pem

  1. Add server.crt and server.key file in the given below folders respectively.

SSLCertificateFile “C:\xampp\apache\conf\ssl.crt\server.crt”

SSLCertificateKeyFile “C:\xampp\apache\conf\ssl.key\server.key”

 

How to enable debugging through Eclipse/STS

This is the post excerpt.

  1. First Add below lines in php.ini –

;[XDebug]

;zend_extension = “C:\xampp\php\ext\php_xdebug.dll”

;xdebug.remote_enable = 1

;xdebug.remote_autostart=1

;xdebug.remote_host=localhost

;xdebug.remote_port=9000

semicolon (;) is used to comment the line.

  1. Now go to STS –

Right Click on Box Project -> Debug As -> Debug Configurations -> PhP Web Aplication -> New

Name it as Box_Integration or whatever you want –

In the Server Tab -> Php Server Configure -> Configure

Server Tab ->

Server Name : other.local-dev.creativesign.com (change yrs)

Base URL : http://other.local-dev.creativesign.com:447 (change yrs)

Document Root : Browse the root directory of the php project (My path – C:\xampp\htdocs\other.local-dev.creativesign.com)

Debugger Tab ->

Debugger : XDebug

Port : 9000

Path Mapping Tab ->

Path On Server :  C:\xampp\htdocs\other.local-dev.creativesign.com

Path in Wrokspace : /echosign-box-integration

Now Finish and come to main Server Tab .

In File : Give path of php page which you want to debug . /echosign-box-integration/src/Adobe/EchoSign/BoxBundle/Api/EchoSign.php

URL :   http://other.local-dev.creativesign.com:447/  map to /

Now Enjoy debugging.

Note* – If you are stuck at the 2nd line of app.php or app_dev.php while debuging, Go to preferences of IDE (Eclipse in my case), search debug. Click on the Debug of PHP, you can see that “Break at First line” is checked by default. You need to uncheck it. Hope now the problem will be solved.