Merge pull request #2572 from nzalev/mysql/mariadb-ssl-support

Added selfsigned cert support to mysql/mariadb ssl
This commit is contained in:
Ylian Saint-Hilaire 2021-04-30 20:26:31 -07:00 committed by GitHub
commit c0ff198212
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 2 deletions

9
db.js
View File

@ -446,6 +446,15 @@ module.exports.CreateDB = function (parent, func) {
var connectionObject = Clone(connectinArgs);
delete connectionObject.database;
try {
if (connectinArgs.ssl.cacertpath) { connectionObject.ssl.ca = [require('fs').readFileSync(connectinArgs.ssl.cacertpath, 'utf8')]; }
if (connectinArgs.ssl.clientcertpath) { connectionObject.ssl.cert = [require('fs').readFileSync(connectinArgs.ssl.clientcertpath, 'utf8')]; }
if (connectinArgs.ssl.clientkeypath) { connectionObject.ssl.key = [require('fs').readFileSync(connectinArgs.ssl.clientkeypath, 'utf8')]; }
} catch (ex) {
console.log('Error loading SQL Connector certificate: ' + ex);
process.exit();
}
if (parent.args.mariadb) {
// Use MariaDB
obj.databaseType = 4;

View File

@ -21,7 +21,16 @@
"port": { "type": "number", "description": "MariaDB port number" },
"password": { "type": "string", "description": "MariaDB password" },
"connectionLimit": { "type": "number", "description": "MariaDB connection limit" },
"database": { "type": "string", "default": "meshcentral", "description": "Name of MariaDB database used" }
"database": { "type": "string", "default": "meshcentral", "description": "Name of MariaDB database used" },
"ssl": {
"type": "object",
"description": "SSL Options. Set to true (boolean) for default options.",
"properties": {
"caCertPath": { "type": "string", "description": "Absolute path to the CA certificate. Required for self-signed certificates" },
"clientCertPath": { "type": "string", "description": "Absolute path to the client certificate. Required for two-way SSL Authentication" },
"clientKeyPath": { "type": "string", "description": "Absolute path to the client key. Required for two-way SSL Authentication" }
}
}
}
},
"mySQL": {
@ -32,7 +41,16 @@
"port": { "type": "number", "description": "MySQL port number" },
"user": { "type": "string", "description": "MySQL username" },
"password": { "type": "string", "description": "MySQL password" },
"database": { "type": "string", "default": "meshcentral", "description": "Name of MySQL database used" }
"database": { "type": "string", "default": "meshcentral", "description": "Name of MySQL database used" },
"ssl": {
"type": "object",
"description": "SSL Options. Set to true (boolean) for default options.",
"properties": {
"caCertPath": { "type": "string", "description": "Absolute path to the CA certificate. Required for self-signed certificates" },
"clientCertPath": { "type": "string", "description": "Absolute path to the client certificate. Required for two-way SSL Authentication" },
"clientKeyPath": { "type": "string", "description": "Absolute path to the client key. Required for two-way SSL Authentication" }
}
}
}
},
"WANonly": { "type": "boolean", "default": false, "description": "When enabled, only MeshCentral WAN features are enabled and agents will connect to the server using a well known DNS name." },