From 0a46f181bf69cc6627f5dc67aab32684fdf76574 Mon Sep 17 00:00:00 2001 From: Geoff Waggott Date: Mon, 2 Apr 2018 02:36:58 +0100 Subject: Mysql SSL connection support from pull request #8049 (#10866) * Mysql SSL connection support from pull request #8049 * updated minified js * Add ssl_no_verify config option for skipping certificate verification (works only on some PHP setups). * Remove TODO comment from DbOverSSLCheck diagnostic, will create issue. * Skip test if SSL is not enabled * Undo changes to piwik.js for tests. * Tweak to DbSSLTest. --- config/global.ini.php | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/global.ini.php b/config/global.ini.php index ea707a097e..e51cd09561 100644 --- a/config/global.ini.php +++ b/config/global.ini.php @@ -21,6 +21,25 @@ port = 3306 adapter = PDO\MYSQL type = InnoDB schema = Mysql + +; Database SSL Options START +; Turn on or off SSL connection to database, possible values for enable_ssl: 1 or 0 +enable_ssl = 0 +; Direct path to server CA file, CA bundle supported (required for ssl connection) +ssl_ca = +; Direct path to client cert file (optional) +ssl_cert = +; Direct path to client key file (optional) +ssl_key = +; Direct path to CA cert files directory (optional) +ssl_ca_path = +; List of one or more ciphers for SSL encryption, in OpenSSL format (optional) +ssl_cipher = +; Whether to skip verification of self signed certificates (optional, only supported +; w/ specific PHP versions, and is mostly for testing purposes) +ssl_no_verify = +; Database SSL Options END + ; if charset is set to utf8, Matomo will ensure that it is storing its data using UTF8 charset. ; it will add a sql query SET at each page view. ; Matomo should work correctly without this setting but we recommend to have a charset set. @@ -37,6 +56,13 @@ adapter = PDO\MYSQL type = InnoDB schema = Mysql charset = utf8 +enable_ssl = 0 +ssl_ca = +ssl_cert = +ssl_key = +ssl_ca_path = +ssl_cipher = +ssl_no_verify = 1 [tests] ; needed in order to run tests. @@ -904,4 +930,3 @@ SDK_batch_size = 10 SDK_interval_value = 30 ; NOTE: do not directly edit this file! See notice at the top - -- cgit v1.2.3