TLS connection for MYSQL contact db

[hguilbert]

It is not possible to connect in TLS to a MYSQL db ( Contact ), this was not possible with Rainloop.

A ticket had been created that allowed this but was never merged into Rainloop.

Is it possible to integrate this modification ?

For example.
https://github.com/the-djmaze/snappymail/blob/master/snappymail/v/0.0.0/app/libraries/RainLoop/Common/PdoAbstract.php#L87

$sDbOptions = array(
\PDO::MYSQL_ATTR_SSL_KEY => '/etc/ssl/client-key.pem',
\PDO::MYSQL_ATTR_SSL_CERT => '/etc/ssl/client-cert.pem',
\PDO::MYSQL_ATTR_SSL_CA => '/etc/ssl/ca-cert.pem',
\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
);

$oPdo = new \PDO($sDsn, $sDbLogin, $sDbPassword, $sDbOptions);

[the-djmaze]

When using self signed certificates, the following should be sufficient.

\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,

If not, then setting \PDO::MYSQL_ATTR_SSL_CA should be sufficient.

The others are only needed for mutual (two-way) authentication.

For security the \PDO::MYSQL_ATTR_SSL_CIPHER => 'HIGH' could also be used.

With this in mind, i need more info to know what is needed before changing the /?admin#/contacts section.

[hguilbert]

Effectively

\PDO::MYSQL_ATTR_SSL_CA => '/etc/ssl/ca-cert.pem',
\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
\PDO::MYSQL_ATTR_SSL_CIPHER => 'HIGH',

is enough ;-)

I'm not sure I understand. With this in mind, i need more info to know what is needed before changing the /?admin#/contacts section..
Ideally make editable via for example include.php or another file

\PDO::MYSQL_ATTR_SSL_KEY => 
\PDO::MYSQL_ATTR_SSL_CERT => 
\PDO::MYSQL_ATTR_SSL_CA => 
\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => 
\PDO::MYSQL_ATTR_SSL_CIPHER => 

This may not be the desired answer. ???

[the-djmaze]

This may not be the desired answer. ???

The answer is ok, it just makes the admin a bit a mess, but i will see what i can do about it.