Hello,
If have setup a mariadb server tgt-db01.cluster.lxc (10.0.3.45) with
=========================================
[mariadb]
bind-address=*
port = 3306
max_allowed_packet = 32M
max_connections = 800
log-bin # enable binary logging
## SSL settings
ssl_cert = /etc/certs/default_cert.crt
ssl_key = /etc/certs/default_key.key
ssl_ca = /etc/certs/ca_chain.crt
require_secure_transport=ON
[client-mariadb]
ssl_ca = /etc/certs/ca_chain.crt
ssl-verify-server-cert = TRUE
=========================================
SOGo ist configured :
/* Database */
SOGoProfileURL =
"mysql://sogo:[email protected]:3306/sogo/sogo_user_profile";
OCSFolderInfoURL =
"mysql://sogo:[email protected]:3306/sogo/sogo_folder_info";
OCSSessionsFolderURL =
"mysql://sogo:[email protected]:3306/sogo/sogo_sessions_folder";
OCSEMailAlarmsFolderURL =
"mysql://sogo:[email protected]:3306/sogo/sogo_alarms_folder";
MySQL4SSLEnabled = YES;
MySQL4SSLCaPath = "/etc/certs/ca_chain.crt";
But when I test the connection with tcpdump I can only see a plain login
connection.
Can anybody see what is wrong?
I double checked the (selfsigned) certificates ...
When I change the setting require_secure_transport for mariadb to OFF
and restart the instance
sogo can connect.
To make it clear, I want to set up TLS for the serverside but until now
I don't want a client certificate.
I don't understand why it doesn't work.
Greetings
Thomas
--
Heinlein Consulting GmbH
Schwedter Str. 8/9b, 10119 Berlin
https://www.heinlein-support.de
Tel: 030 / 40 50 51 - 0
Fax: 030 / 40 50 51 - 19
Amtsgericht Berlin-Charlottenburg - HRB 220009 B
Geschäftsführer: Peer Heinlein - Sitz: Berlin
