https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36026
Marcel de Rooy <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #13 from Marcel de Rooy <[email protected]> --- (In reply to Lukas Koszyk from comment #10) > f) Set "<tls>yes</tls>" in the <config> section in koha-conf.xml. > > g) In Koha/Database.pm: > replace ";mysql_ssl=1" by ";mysql_ssl=1;mysql_ssl_optional=1" > > 4) Run restart_all. > > 5) Check that Koha's staff interface works. > > 6) Sign off. Could you please clarify this part of the test plan? We only set tls to yes, but do not fill the other stuff in koha-conf. We switch to ssl optional by changing the code we should be testing.. So we are actually testing something else? And signing off the original? And note: Setting mysql_ssl_optional to true disables strict SSL enforcement and makes SSL connection optional. This option opens security hole for man-in-the-middle attacks. => Not a good idea? -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
