afterlogic / webmail-lite-8

Open-source webmail script for existing IMAP server
https://afterlogic.org/webmail-lite-8
GNU Affero General Public License v3.0
335 stars 72 forks source link

Support of encrypted MySQL connections #113

Closed Lukasz032 closed 2 months ago

Lukasz032 commented 2 months ago

Currently, TCP database connections fail if the server requires secure transport:

[19:25:14.87][7f301e9b] [POST(4)][ip:31.0.79.154] /?/Api/
[19:25:14.87][7f301e9b] POST > [Module, Method, Parameters, TenantName]
[19:25:14.87][7f301e9b]
[19:25:14.87][7f301e9b] SQLSTATE[HY000] [3159] Connections using insecure transport are prohibited while --require_secure_transport=ON.

It is possible to add support for secure transports, it involves setting some additional PDO settings - namely, the path to the directory containing the CA the certificate used by target server was issued by, and/or disabling server certificate validation (the CA directory must be non-empty either way, even in that case - it's the flag PDO uses to enable secure transport).

Please consider making those options editable in the configuration file, without the need to explicitly tamper with source :)

afterlogic-support commented 2 months ago

Please feel free to open a feature request at: https://afterlogic.uservoice.com/forums/932335-webmail-pro We use that resource when creating a roadmap for the product. If a feature gets a substantial amount of votes, its chances of getting implemented are improved. Thank you.