SSL Connection Support to MariaDB for Azure instance

SSL Connection Support to MariaDB for Azure instance

by Douglas Ward -
Number of replies: 4

I am in the process of migrating our Moodle 3.11+ instance offsite to our Azure cloud. We have a CentOS 7 VM set up with a MariaDB for Azure service running the database. We require SSL connections to this database server. Does anyone know how to set up Moodle to connect using SSL? We have two other WordPress instances running on the server and connected to the database via SSL, we have handled all SELINUX issues, verified that Apache can connect to the db server, and are trying to add this Moodle instance as well.

I have researched online and found code updates that seem to have stopped working between versions 3.8 and 3.9. If anyone has an idea on how to successfully switch Moodle over to SSL connections I would be most appreciative. Thanks!

Average of ratings: -
In reply to Douglas Ward

Re: SSL Connection Support to MariaDB for Azure instance

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
The unhelpful answer is that Moodle doesn't support SSL connections - https://tracker.moodle.org/browse/MDL-54704

Have you considered an SSL proxy? I have no idea if it works or would be performant.
Average of ratings: -
In reply to Howard Miller

Re: SSL Connection Support to MariaDB for Azure instance

by Douglas Ward -
Thank you for your response! I was afraid that was the answer. I worked around it by deploying a local MariaDB server. I'm concerned about editing source connection files when it comes time to update moodle - changes are lost and I have to remember to add them back. I'll stick with this for now. This is a real security issue if you ever want to grow your student population beyond what one DB/web server can handle.
Average of ratings: -
In reply to Douglas Ward

Re: SSL Connection Support to MariaDB for Azure instance

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
Well.... been doing it for years and it isn't really. I think it's something worth fixing, however.
Average of ratings: -
In reply to Howard Miller

Re: SSL Connection Support to MariaDB for Azure instance

by seaghan moriarty -
I have not tried/tested - but this might help?
https://docs.microsoft.com/en-us/azure/mariadb/howto-redirection

It's something we will try in the next few days on 1 Moodle we have with Azure RDS. Even when we got it working/installed, it still reports MySQL version when trying to update - so all updates fail. Perhaps the redirection above will get around this Azure MariaDB mis-reporting.

Here is a similar discussion on Moodle: https://moodle.org/mod/forum/discuss.php?d=414845
Sorry I don't have the URL where Microsoft document this mis-reporting as a recognised bug

HTH!
Average of ratings: -