Unable to connect to MariaDB with SSL

1

Hello,
I would like to use Crowdsec with an external MariaDB-Cluster as backend for the Lapi. When I configured Crowdsec to use the DB on the Cluster, I got an access denied error until I disabled SSL for that database. According to the documentation, SSL can be used with Postgres. But I could not find any mention of using it with Mysql/MariaDB. Is there any option to enable SSL with MariaDB that I did not see?
Thanks in advance

2

Hey :wave:

Looking at the code it seems we do not take into account a SSL mode

I can dive into the documentation for what the connect string should be if SSL is enabled, however, if you know then please add it to the discussion

Edit: it seems mysql driver for golang uses the tls param

3

Alright, so in order to make the db connection work with tls, I would have to add the parameter in that database.go file and then compile crowdsec myself?

4

We have a soft feature lock for 1.6.2 already in progress, I apologize I forgot to raise as an actual issue so I will create a tag a fix for 1.6.3

Edit: [mariadb/msql] Add support for SSL flag · Issue #2993 · crowdsecurity/crowdsec · GitHub

Edit Edit: I have asked the dev team if there a possibility to sneak in the fix to 1.6.2 but cant guarantee anything

5

FYI, the dev team have accepted a PR for 1.6.2 so I have just crafted the changes it was pretty simple honestly and I tested it locally with a self sign certificate.

6

Wow that ist cool. Thank you very much, I am looking forward to using that version :slight_smile: