Hi,
while the driver itself supports TLS it is currently not exposed in the
configuration layer of the CE. There is an application layer encrpytion
when setting the "EncryptKey" in the config and for single node setups
you can use the file system based storage to avoid insecure network traffic.
If you want to tweak it yourself you can find the driver code at
https://github.com/openxpki/openxpki/blob/develop/core/server/CGI_Session_Driver/openxpki.pm
Oliver
On 21.10.24 01:26, S W via OpenXPKI-users wrote:
I’m building an instance with TLS enabled for an external Galera
cluster. It was previously using plaintext connections and now I’m
switching to TLS. I’ve managed to get MariaDB2 connections working
with a couple tweaks in the underlying MariaDB2.pm file and can see my
sessions in the database.
I can’t figure out how to get the CGI session driver to force SSL
encryption (either in a backend file) or in the webui/default.conf
Has anyone managed to get CGI Sessions to connect via a TLS database
connection?
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
