Hi Scott,
To confirm SSL/TLS connections to MySQL are not currently supported.
While from a coding perspective it does not appear to be a big deal
(matter of adding a mysql_set_ssl() call before mysql_real_connect()), i
have no infrastructure to test this working properly. Can you help with
this? If so we can follow-up by unicast email as the dev part will be of
little general interest:
1) please send over the output of a pmacctd -V
2) Basing on the version you are running and compile options i will say
where to insert the mysql_set_ssl() call.
3) As preparations, you should have ready the following inputs required
by mysql_set_ssl():
* The path name of the client private key file.
* The path name of the client public key certificate file.
* The path name of the Certificate Authority (CA) certificate file
(apparently optional).
* The path name of the directory that contains trusted SSL CA
certificate files.
For a first round we'll hard-code all this info to proof it working;
then, once happy, we can move all of that to config directives.
Paolo
On Mon, Aug 19, 2019 at 05:05:57AM +0000, Scott Pettit wrote:
> Hello,
>
> I can't find a configuration key to enable SSL/TLS when using MySQL with
> pmacct. Is this possible?
>
> -Scott
> --
>
> [https://s3-ap-southeast-2.amazonaws.com/e2emailsig/vorco.png]
>
> Scott Pettit | Director
> ☎+64 9 9502222<tel:+64 9 9502222> |
> ✉[email protected]<mailto:[email protected]>
>
> Vorco | ☎+64 9 2222222<tel:+6492222222>
> 205/100 Parnell Road, Parnell, Auckland 1052, New Zealand
> http://www.vorco.net
>
> The content of this message and any attachments may be privileged,
> confidential or sensitive and is intended only for the use of the intended
> recipient(s). Any unauthorised use is prohibited. Views expressed in this
> message are those of the individual sender, except where stated otherwise
> with appropriate authority. All pricing provided is valid at the time of
> writing only and may change without notice. Sales are made subject to our
> Terms & Conditions, available on our website or on request. Errors &
> Omissions Excepted.
> ________________________________
> The content of this message and any attachments may be privileged,
> confidential or sensitive. Any unauthorised use is prohibited. Views
> expressed in this message are those of the individual sender, except where
> stated otherwise with appropriate authority. All pricing provided is valid at
> the time of writing only and due to factors such as the exchange rate, may
> change without notice. Sales are made subject to our Terms & Conditions,
> available on our website or on request.
> ________________________________
> _______________________________________________
> pmacct-discussion mailing list
> http://www.pmacct.net/#mailinglists
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
