Topic: Client-server SSL connection to MySQL server
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Linux/BSD distribution name and version: CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): SQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hi,
I have just installed iRedMail with this configuration:
- 1 Server (MAIL) --> with all services but MariaDB
- 1 Server (DB) --> with MariaDB only
I followed this tutorial: https://docs.iredmail.org/install.iredm … erver.html
and installed with something like:
USE_EXISTING_MYSQL='YES' MYSQL_SERVER_ADDRESS='<public_ip_DB>' MYSQL_SERVER_PORT='13306' MYSQL_ROOT_USER='admin_iredmail' MYSQL_ROOT_PASSWD='admin_password' MYSQL_GRANT_HOST='<public_ip_MAIL>' bash iRedMail.shEverything works fine.
However, one of the requirements for the final configuration is SSL client-server connection between MAIL and DB.
The configuration is already done. DB has server certificates, MAIL has client certificates. I added SSL requested to the user admin_iredmail to test and it works. If I run from MAIL:
mysql -h <public_ip_DB> -u admin_iredmail -P 13306 -p --sslI can access MySQL and:
SSL: Cipher in use is DHE-RSA-AES256-SHAAny controindication in doing the same for all MySQL users used by iRedMail? What would it take to add the "--ssl" to each connection?
Thanks
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.