New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for MySQL and SSL Connections #7039
Comments
@tsteur Thank you for seeing this and triaging it 😄 |
For reference, projects such as define('DBSSLCA','/path/to/ca.crt');
define('DBSSLCERT','/path/to/client.crt');
define('DBSSLKEY','/path/to/client.key'); So for example, an Amazon RDS connection will only need to define |
Not directly related to resolve this issue but maybe an interesting read: https://www.facebook.com/MySQLatFacebook/posts/10153074619236696 |
The pull request @ #8049 is a great start - we have closed it for now as nobody is working on it, but if you are reading this, please consider finish the pull request so we can merge it in Piwik! |
there was a lot of work done for this feature in the pull request here: #10866 - it is only missing the automated tests |
Since this issue has been in the works for over 2 years, does it mean something is blocking it so much that it is unlikely to be implemented soon? If so, is there a recommended workaround to prevent Piwik from sending database passwords in clear text, without encryption? Many thanks for your time working on this issue and for answering my question. |
This is a big one for us, and aligns well with the assertion that I'm currently working around this by copying code over from PR #10866. Unfortunately I was unable to find any documentation on how to create a release locally. Because of this, I added #12509 (Include instructions for building Matomo from source), which will be nice for anyone else in a similar situation. |
Thank you, @cah-andrewfitzgerald. Please ping me here when you have a version to test and I will try slotting it into our test and deployment release cycle. Good luck! |
@cah-andrewfitzgerald As this is PHP and there is no compile step, you can just apply the patch from the PR on your existing release. |
@RafalLukawiecki I don't believe we're going to have a testable version to contribute back. We're using PR #10866 as is, which works for us, but has not been accepted due to a lack of automated tests. @Findus23 I understand that there is no compile step, but there is definitely some sort of transformation happening to get from the source code to the distributions which are available from matomo.org/download, but that's a conversation for issue #12509. |
Looking at #10866 it seems actually good to merge (without testing) if you can confirm it works. |
@tsteur: that would be great! We're currently running 2.16.1 in a Docker container.
@gwaggott (the original PR author might be able to provide some more details/context) |
Feature Request
I'm not seeing any options in Piwik for enabling the
MySQL
connectors to use SSL. It's very important that we are given the capability of encrypting our connections to database servers, since they may not always be on the same server as Piwik.The text was updated successfully, but these errors were encountered: