search

roundcube / roundcubemail

The Roundcube Webmail suite
https://roundcube.net
GNU General Public License v3.0
5.89k stars 1.64k forks source link

Establish secure mySQL SSL Connection #8334

Closed Gill-Bates closed 2 years ago

Gill-Bates commented 2 years ago

I am looking for a convinient way to establish a secure my-SQL SSL-Connection.

Currently I hacked a workaround by modifying /program/lib/Roundcube/rcube_db.php by adding a line of Code to the function protected function dsn_options($dsn)

$result[PDO::MYSQL_ATTR_SSL_CA] = '/home/files/ca-clientcert.pem';

image

I would expect an option inside config.inc.php like 

// Provide a Path to your local Certifcate if you want to establish a secure SSL-Connection
$config['db_ssl'] = "path/to/my/cert.pem";
alecpl commented 2 years ago

You can do this via the DSN string.

// Note: Various drivers support various additional arguments for connection,
//       for Mysql: key, cipher, cert, capath, ca, verify_server_cert,
//       for Postgres: application_name, sslmode, sslcert, sslkey, sslrootcert, sslcrl, sslcompression, service.
//       e.g. 'mysql://roundcube:@localhost/roundcubemail?verify_server_cert=false'

Another example: mysql://roundcube:@localhost/roundcubemail?ca=path/to/my/cert.pem&verify_server_cert=false