Last active 2 weeks ago

With Zammad 6.2 existing configurations for Email channels and i-doit by default have ssl verification disabled. This code snippet activates SSL verification. This change ONLY affects existing, update installations.

Revision 337d7f772931de2f2a00f45094b55f1f2939653b

enforce_ssl_verify_true.rb Raw
1# Enables existing Email channels to verify SSL certificates
2# (MAY break Email communication if certificates are invalid!)
3
4Channel
5 .where(area: 'Email::Account Email::Notification')
6 .each do |channel|
7 ['inbound', 'outbound'].each do |dir|
8 next if ['pop3', 'imap', 'smtp'].exclude?(channel.options.dig(dir, :adapter))
9 next if !channel.options[dir].key? :options
10
11 channel.options[dir][:options][:ssl_verify] = true
12 end
13 channel.save!
14 end
15end
16
17# Enable SSL certificate verification for i-doit integration
18# (MAY break i-doit functionality if certificates are invalid!)
19
20config = Setting.get('idoit_config')
21unless config.blank? do
22 Setting.set('idoit_config', config.merge('verify_ssl' => true))
23end
24
25# Side note: Elasticsearch has an option to verify SSL as well. This might be an edge case.
26# By default these certificates are self-signed and thus you may not want to run this at all
27Setting.set('es_ssl_verify', true)