diff --git a/Installation.md b/Installation.md index 0ec6ed1..784a548 100644 --- a/Installation.md +++ b/Installation.md @@ -45,6 +45,38 @@ For translating the web interface, see the [README](https://gitlab.com/ruany/lit If you want to customize the English messages, you can edit [lang/en_US.utf8.php](https://gitlab.com/ruany/litebans-php/blob/master/lang/en_US.utf8.php). +## SSL +Note: "When running a PHP version before 7.1.16, or PHP 7.2 before 7.2.4, set MySQL 8 Server's default password plugin to +_mysql_native_password_ or else you will see errors similar to _The server requested authentication method unknown to the client [caching_sha2_password]_ even when caching_sha2_password is not used." + +(from https://dev.mysql.com/doc/connectors/en/apis-php-pdo-mysql.html) + +To enable SSL, find this section in settings.php: +``` + $options = array( + PDO::ATTR_TIMEOUT => 5, + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + PDO::ATTR_EMULATE_PREPARES => false, + PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8", + ); +``` +Change it to: +``` + $options = array( + PDO::ATTR_TIMEOUT => 5, + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + PDO::ATTR_EMULATE_PREPARES => false, + PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8", + PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false, + PDO::MYSQL_ATTR_SSL_KEY => '/etc/mysql/client-key.pem', + PDO::MYSQL_ATTR_SSL_CERT => '/etc/mysql/client-cert.pem', + PDO::MYSQL_ATTR_SSL_CA => '/etc/mysql/cacert.pem', + ); +``` +Ensure that all of the paths are correct (client key, client certificate, and CA) as they might differ on your system. + +Use the paths for the client key/certificate rather than the server key/certificate as these are two separate things. + ## Troubleshooting If bans don't show up: