Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Secure connection if web server and MySQL on different servers

I'm on ost v1.9.8

I read the following topic.

Web server and MySQL on different servers


@phantomofrussia  has confirmed OST scripts and MySQL database on different server will work.

Is there any performance issue when they are in 2 different servers issue?
Will OST end up with any errors on reading data or writing data since the application and database are not on the same servers?

And i suppose the data transfer between the web server and MySQL server is NOT encrypted?
Anyone have experience if encryption is required in such case?

Thanks.

Comments

  • In ost-config.php, there is some mentions for using SSL

    # SSL Options
    # ---------------------------------------------------
    # SSL options for MySQL can be enabled by adding a certificate allowed by
    # the database server here. To use SSL, you must have a client certificate
    # signed by a CA (certificate authority). You can easily create this
    # yourself with the EasyRSA suite. Give the public CA certificate, and both
    # the public and private parts of your client certificate below.
    #
    # Once configured, you can ask MySQL to require the certificate for
    # connections:

    But also @ntozier mention this feature is not yet implemented, is that what you mean?

    ost-config.php - SSL options



  • 1.9.8?  Thats pretty old you should probably upgrade.

    Q: Is there any performance issue when they are in 2 different servers issue?
    A: There can be.  Depends on how far apart the two machines are and the pipes between them.  (aka latency)

    Q: Will OST end up with any errors on reading data or writing data since the application and database are not on the same servers?
    A: Only if it cannot fetch the information that it needs.

    Q: And i suppose the data transfer between the web server and MySQL server is NOT encrypted?
    A: Depends on if you are using SSL or not.

    Re: But also @ntozier mention this feature is not yet implemented, is that what you mean?
    This thread is from 2014.  I do not know if it was ever finished, but I would presuemt that it probably works at this point.
  • Thanks @ntozier

    In latest v1.9.14, ost-config.php, there is some further mentions for using SSL

    # Once configured, you can ask MySQL to require the certificate for
    # connections:
    #
    # > create user osticket;
    # > grant all on osticket.* to osticket require subject '<subject>';
    #
    # More information (to-be) available in doc/security/hardening.md

    # define('DBSSLCA','/path/to/ca.crt');
    # define('DBSSLCERT','/path/to/client.crt');
    # define('DBSSLKEY','/path/to/client.key');

    ~~~~~~~~~~~~~

    don't see any documentation on implementing SSL.

    just wonder if anyone got any success yet?
Sign In or Register to comment.