Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Should be easier to set the SSL_VERIFY_SERVER_CERT flag #526

Closed
sodabrew opened this issue Jul 24, 2014 · 5 comments
Closed

Should be easier to set the SSL_VERIFY_SERVER_CERT flag #526

sodabrew opened this issue Jul 24, 2014 · 5 comments
Milestone
0.4.0

Comments

@sodabrew
Copy link
Collaborator

https://stackoverflow.com/questions/24172119/rails-mysql2-how-to-verify-mysql-servers-ssl-certificate
@justincase
Copy link
Contributor

Perhaps we could pass SSL_VERIFY_SERVER_CERT by default when specifying a CA bundle as well.

@sodabrew
Copy link
Collaborator Author

I generally agree but it would be a breaking change for sites that are using unverified SSL as a minimum effort mitigation for eavesdropping on the connection.

@justincase
Copy link
Contributor

Yeah, I suppose so. It's not behaviour I like to encourage but that's for an other discussion.

@sodabrew sodabrew added this to the 0.4.0 milestone Jul 29, 2014
@sodabrew
Copy link
Collaborator Author

I can add an easier-to-find flag for 0.3.17, but I'm marking this for 0.4.0 as a reminder to myself to change the defaults in the future.

This was referenced Aug 1, 2015
Merged
Closed
@sodabrew
Copy link
Collaborator Author

sodabrew commented Aug 5, 2015

In PR #648 I added an :sslverify option, but it's off by default at the moment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.4.0
Development

No branches or pull requests
2 participants
@justincase @sodabrew