[CalendarServer-dev] SSL connection to DB server gone in 8.0?

Andre LaBranche dre at apple.com
Thu Jun 2 18:48:33 PDT 2016


"Endpoint" in this context means "twisted endpoint". Twisted endpoints provide an abstract (but not too abstract) means for doing things like listening and connecting, and include TLS support.


An example (minimally specified) TLS endpoint: tls:example.com:443.

Note: we tend to use UNIX domain sockets much more than TCP these days, and I don't believe I've ever tested TLS from CalendarServer to Postgres, but it should work if Postgres is configured correctly and you do the right stuff with certs, etc.

To answer your question, I think the adoption of endpoints by CalendarServer was intended to reap the benefits of endpoints over the previous connection handling code, and omission of a separate TLS parameter is a side effect.


Sent from my iPhone

> On Jun 2, 2016, at 8:48 AM, Axel Rau <Axel.Rau at chaos1.de> wrote:
>    "DatabaseConnection": { # Used to connect to an external database if DBType is non-empty
>        "endpoint": "",     # Database connection endpoint
>        "database": "",     # Name of database or Oracle SID
>        "user": "",         # User name to connect as
>        "password": "",     # Password to use
>    },
> Is this intentional to omit the ssl parameter here?
> Axel
> ---
> PGP-Key:29E99DD6  ☀  computing @ chaos claudius
> _______________________________________________
> calendarserver-dev mailing list
> calendarserver-dev at lists.macosforge.org
> https://lists.macosforge.org/mailman/listinfo/calendarserver-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-dev/attachments/20160602/c9a272a7/attachment.html>

More information about the calendarserver-dev mailing list