Commit f20d7a5a authored by Fredrik Soderblom's avatar Fredrik Soderblom
Browse files

Make it possible to disable Common Name (CN) verification of the servers certificate.

parent 20a1778b
......@@ -70,4 +70,5 @@ $config['db']['ssl_key'] = '/path/to/cert.key'; // path to an SSL
$config['db']['ssl_cert'] = '/path/to/cert.crt'; // path to an SSL certificate file. Only makes sense combined with ssl_key
$config['db']['ssl_ca'] = '/path/to/ca.crt'; // path to a file containing SSL CA certs
$config['db']['ssl_capath'] = '/path/to/ca_certs'; // path to a directory containing CA certs
$config['db']['ssl_cipher'] = '/DHE-RSA-AES256-SHA:AES128-SHA'; // one or more SSL Ciphers
\ No newline at end of file
$config['db']['ssl_cipher'] = 'DHE-RSA-AES256-SHA:AES128-SHA'; // one or more SSL Ciphers
$config['db']['ssl_verify'] = true; // Verify Common Name (CN) of server certificate?
......@@ -905,6 +905,10 @@ class Database_PDO extends DB {
$this->ssl = array();
if ($config['db']['ssl_verify']===false) {
$this->ssl[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = false;
}
foreach ($this->pdo_ssl_opts as $key => $pdoopt) {
if ($config['db'][$key]) {
$this->ssl[$pdoopt] = $config['db'][$key];
......@@ -1011,4 +1015,4 @@ class Database_PDO extends DB {
return array($foreignLinksByTable, $foreignLinksByRefTable);
}
}
\ No newline at end of file
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment