@urda opened this Issue on January 15th 2015

Feature Request

I'm not seeing any options in Piwik for enabling the MySQL connectors to use SSL. It's very important that we are given the capability of encrypting our connections to database servers, since they may not always be on the same server as Piwik.

@urda commented on January 20th 2015

@tsteur Thank you for seeing this and triaging it :smile:

@urda commented on January 20th 2015

For reference, projects such as osTicket provide additional config variables as the following:

define('DBSSLCA','/path/to/ca.crt');
define('DBSSLCERT','/path/to/client.crt');
define('DBSSLKEY','/path/to/client.key');

So for example, an Amazon RDS connection will only need to define DBSSLCA in the config for an SSL connection to operate.

@tsteur commented on June 29th 2015 Owner

Not directly related to resolve this issue but maybe an interesting read: https://www.facebook.com/MySQLatFacebook/posts/10153074619236696

@mattab commented on September 23rd 2016 Owner

The pull request @ https://github.com/piwik/piwik/pull/8049 is a great start - we have closed it for now as nobody is working on it, but if you are reading this, please consider finish the pull request so we can merge it in Piwik!

@mattab commented on April 26th 2017 Owner

there was a lot of work done for this feature in the pull request here: https://github.com/piwik/piwik/pull/10866 - it is only missing the automated tests

@RafalLukawiecki commented on November 9th 2017

Since this issue has been in the works for over 2 years, does it mean something is blocking it so much that it is unlikely to be implemented soon?

If so, is there a recommended workaround to prevent Piwik from sending database passwords in clear text, without encryption? Many thanks for your time working on this issue and for answering my question.

Powered by GitHub Issue Mirror