Hi Scott,

To confirm SSL/TLS connections to MySQL are not currently supported.
While from a coding perspective it does not appear to be a big deal
(matter of adding a mysql_set_ssl() call before mysql_real_connect()), i
have no infrastructure to test this working properly. Can you help with
this? If so we can follow-up by unicast email as the dev part will be of
little general interest:

1) please send over the output of a pmacctd -V

2) Basing on the version you are running and compile options i will say
   where to insert the mysql_set_ssl() call.

3) As preparations, you should have ready the following inputs required
   by mysql_set_ssl():

   * The path name of the client private key file.
   * The path name of the client public key certificate file. 
   * The path name of the Certificate Authority (CA) certificate file
     (apparently optional).
   * The path name of the directory that contains trusted SSL CA
     certificate files.

For a first round we'll hard-code all this info to proof it working;
then, once happy, we can move all of that to config directives.

Paolo

On Mon, Aug 19, 2019 at 05:05:57AM +0000, Scott Pettit wrote:
> Hello,
> 
> I can't find a configuration key to enable SSL/TLS when using MySQL with 
> pmacct. Is this possible?
> 
> -Scott
> --
> 
> [https://s3-ap-southeast-2.amazonaws.com/e2emailsig/vorco.png]
> 
> Scott Pettit | Director
> ☎+64 9 9502222<tel:+64 9 9502222> | 
> ✉spet...@vorco.net<mailto:spet...@vorco.net>
> 
> Vorco | ☎+64 9 2222222<tel:+6492222222>
> 205/100 Parnell Road, Parnell, Auckland 1052, New Zealand
> http://www.vorco.net
> 
> The content of this message and any attachments may be privileged, 
> confidential or sensitive and is intended only for the use of the intended 
> recipient(s). Any unauthorised use is prohibited. Views expressed in this 
> message are those of the individual sender, except where stated otherwise 
> with appropriate authority. All pricing provided is valid at the time of 
> writing only and may change without notice. Sales are made subject to our 
> Terms & Conditions, available on our website or on request. Errors & 
> Omissions Excepted.
> ________________________________
>  The content of this message and any attachments may be privileged, 
> confidential or sensitive. Any unauthorised use is prohibited. Views 
> expressed in this message are those of the individual sender, except where 
> stated otherwise with appropriate authority. All pricing provided is valid at 
> the time of writing only and due to factors such as the exchange rate, may 
> change without notice. Sales are made subject to our Terms & Conditions, 
> available on our website or on request.
> ________________________________
> _______________________________________________
> pmacct-discussion mailing list
> http://www.pmacct.net/#mailinglists

_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists

Reply via email to