Hello, Have you tried by adding those too? MySQL4SSLKeyPath = "/etc/certs/default_key.key"; MySQL4SSLCertPath = "/etc/certs/default_cert.crt";
Quentin -----Original Message----- From: [email protected] <[email protected]> On Behalf Of Thomas Gebert Sent: vendredi 7 février 2025 15:43 To: [email protected] Subject: [SOGo] SOGo doesn't use TLS with mariadb Hello, If have setup a mariadb server tgt-db01.cluster.lxc (10.0.3.45) with ========================================= [mariadb] bind-address=* port = 3306 max_allowed_packet = 32M max_connections = 800 log-bin # enable binary logging ## SSL settings ssl_cert = /etc/certs/default_cert.crt ssl_key = /etc/certs/default_key.key ssl_ca = /etc/certs/ca_chain.crt require_secure_transport=ON [client-mariadb] ssl_ca = /etc/certs/ca_chain.crt ssl-verify-server-cert = TRUE ========================================= SOGo ist configured : /* Database */ SOGoProfileURL = "mysql://sogo:[email protected]:3306/sogo/sogo_user_profile"; OCSFolderInfoURL = "mysql://sogo:[email protected]:3306/sogo/sogo_folder_info"; OCSSessionsFolderURL = "mysql://sogo:[email protected]:3306/sogo/sogo_sessions_folder"; OCSEMailAlarmsFolderURL = "mysql://sogo:[email protected]:3306/sogo/sogo_alarms_folder"; MySQL4SSLEnabled = YES; MySQL4SSLCaPath = "/etc/certs/ca_chain.crt"; But when I test the connection with tcpdump I can only see a plain login connection. Can anybody see what is wrong? I double checked the (selfsigned) certificates ... When I change the setting require_secure_transport for mariadb to OFF and restart the instance sogo can connect. To make it clear, I want to set up TLS for the serverside but until now I don't want a client certificate. I don't understand why it doesn't work. Greetings Thomas -- Heinlein Consulting GmbH Schwedter Str. 8/9b, 10119 Berlin https://www.heinlein-support.de Tel: 030 / 40 50 51 - 0 Fax: 030 / 40 50 51 - 19 Amtsgericht Berlin-Charlottenburg - HRB 220009 B Geschäftsführer: Peer Heinlein - Sitz: Berlin
