securesign / secure-sign-operator


Does the operator's Trillian deployments use TLS for database connections? #546

Open robertohueso opened 1 month ago

robertohueso commented 1 month ago

From https://github.com/securesign/secure-sign-operator/blob/e3643bbe8aa39915e7334fb0c34fade5a6f5716c/internal/controller/trillian/utils/trillian-deployment.go#L92C9-L92C105 I can see that the MySQL URI does not specify anything about TLS for the connection between the database and Trillian.

My understanding is that Trillian uses go-sql-driver as the SQL driver for connecting to the database. Its README.md specifies that, by default, TLS is disabled: https://github.com/go-sql-driver/mysql?tab=readme-ov-file#tls

So my question is: Are connections to the database TLS secured for deployments created using this operator? Is there a way to enable TLS in these connections?

This might be related to #493.

Thank you! :smile:
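
Added example, not part of the original issue or the operator's code: a standard-library Go check that classifies the `tls` parameter of a go-sql-driver/mysql DSN, using the values documented in the driver README linked above. The function name `TLSPosture`, its result labels and the sample DSNs are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// TLSPosture reports how a go-sql-driver/mysql DSN treats transport security,
// based on the `tls` parameter values documented in the driver's README.
func TLSPosture(dsn string) (string, error) {
	// DSN shape: [user[:password]@][protocol[(address)]]/dbname[?param=value&...]
	// Split at the last '/', because a password or address may contain one.
	slash := strings.LastIndex(dsn, "/")
	if slash < 0 {
		return "", errors.New("invalid DSN: missing '/' before database name")
	}
	_, rawParams, _ := strings.Cut(dsn[slash+1:], "?")
	params, err := url.ParseQuery(rawParams)
	if err != nil {
		return "", fmt.Errorf("invalid DSN parameters: %w", err)
	}
	raw := params.Get("tls")
	switch strings.ToLower(raw) {
	case "", "false", "0":
		return "plaintext", nil // driver default: TLS disabled
	case "true", "1":
		return "verified", nil // TLS with server certificate verification
	case "skip-verify":
		return "unverified", nil // encrypted, but any certificate is accepted
	case "preferred":
		return "opportunistic", nil // unverified TLS, may fall back to plaintext
	default:
		return "custom:" + raw, nil // name of a tls.Config registered by the application
	}
}

func main() {
	// Constructed sample DSNs; host, user and password are placeholders.
	base := "mysql:example-pw@tcp(trillian-mysql:3306)/trillian"
	for _, suffix := range []string{"", "?tls=true", "?tls=skip-verify", "?tls=preferred"} {
		posture, err := TLSPosture(base + suffix)
		// Print only the parameter suffix, never the DSN itself (it holds a password).
		fmt.Printf("%-18q -> %s (err=%v)\n", suffix, posture, err)
	}
}
```

Only `verified` (or a custom registered config that verifies the server certificate) protects the connection against an active interceptor; `unverified` and `opportunistic` encrypt without authenticating the database.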

fghanmi commented 1 month ago

Hello @robertohueso, we're actually working on adding TLS on all the components, including TLS for the Trillian database. We'll keep you updated once it's set up. Thank you!