From a7c1bb7a838fcab7d2fd3784c749179e22724fb4 Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:12:03 +0100 Subject: [PATCH 01/13] add db encryption to form xml --- installation/forms/setup.xml | 86 ++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) diff --git a/installation/forms/setup.xml b/installation/forms/setup.xml index 61c3587613914..c1d421174f7e0 100644 --- a/installation/forms/setup.xml +++ b/installation/forms/setup.xml @@ -122,5 +122,91 @@ id="db_old" default="backup" /> + + + + + + + + + + + + + + + + + + + + + + From 69cc94a0bb6d4988a8eeaa905ac96034b07f345c Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:14:20 +0100 Subject: [PATCH 02/13] add tls to database helper --- installation/src/Helper/DatabaseHelper.php | 41 +++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/installation/src/Helper/DatabaseHelper.php b/installation/src/Helper/DatabaseHelper.php index d0b4bd49f3aae..16d50e99c1297 100644 --- a/installation/src/Helper/DatabaseHelper.php +++ b/installation/src/Helper/DatabaseHelper.php @@ -30,12 +30,13 @@ abstract class DatabaseHelper * @param string $database The database to use. * @param string $prefix The table prefix to use. * @param boolean $select True if the database should be selected. + * @param array $ssl Database TLS connection options. * * @return DatabaseInterface * * @since 1.6 */ - public static function getDbo($driver, $host, $user, $password, $database, $prefix, $select = true) + public static function getDbo($driver, $host, $user, $password, $database, $prefix, $select = true, array $ssl = []) { static $db; 
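Review bot: The new `@param array $ssl` line in getDbo's docblock does not say which keys the array must carry, although the body added in the next hunk reads seven of them by exact name. I would list them, e.g. `@param array $ssl Database TLS connection options as returned by getEncryptionSettings(): dbencryption, dbsslverifyservercert, dbsslkey, dbsslcert, dbsslca, dbsslcapath, dbsslcipher.` The function body continues past the end of this hunk.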
@@ -52,6 +53,22 @@ public static function getDbo($driver, $host, $user, $password, $database, $pref 'select' => $select, ]; + if (isset($ssl['dbencryption']) === true && (int) $ssl['dbencryption'] !== 0) + { + $options['ssl'] = [ + 'enable' => true, + 'verify_server_cert' => (bool) $ssl['dbsslverifyservercert'], + ]; + foreach (['cipher', 'ca', 'capath', 'key', 'cert'] as $value) + { + $confVal = trim($ssl['dbssl' . $value]); + if ($confVal !== '') + { + $options['ssl'][$value] = $confVal; + } + } + } + // Enable utf8mb4 connections for mysql adapters if (strtolower($driver) === 'mysqli') { @@ -69,4 +86,26 @@ public static function getDbo($driver, $host, $user, $password, $database, $pref return $db; } + + /** + * Convert encryption options to array. + * + * @param \stdClass $options The session options + * + * @return array The encryption settings + * + * @since __DEPLOY_VERSION__ + */ + public static function getEncryptionSettings($options) + { + return [ + 'dbencryption' => $options->db_encryption, + 'dbsslverifyservercert' => $options->db_sslverifyservercert, + 'dbsslkey' => $options->db_sslkey, + 'dbsslcert' => $options->db_sslcert, + 'dbsslca' => $options->db_sslca, + 'dbsslcapath' => $options->db_sslcapath, + 'dbsslcipher' => $options->db_sslcipher, + ]; + } } From 8797f342e5195fe7ee6cb17c351f162c5ddd51e9 Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:16:20 +0100 Subject: [PATCH 03/13] add database tls to installation configuration model --- installation/src/Model/ConfigurationModel.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/installation/src/Model/ConfigurationModel.php b/installation/src/Model/ConfigurationModel.php index c84655021981b..248f528ab3a98 100644 --- a/installation/src/Model/ConfigurationModel.php +++ b/installation/src/Model/ConfigurationModel.php 
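Review bot: `'verify_server_cert' => (bool) $ssl['dbsslverifyservercert']` is false whenever the value is missing or `0`, and the form field shown later in this series carries `default="0"`, so picking an encryption mode on its own gives a connection that is encrypted but does not authenticate the database server. A channel like that does not protect the database credentials from an on-path interceptor, so I would default the switch to on for non-local hosts, or at least state in the field label that verification is off. Separately, the `foreach` copies `key`, `cert`, `ca`, `capath` and `cipher` for every non-zero mode, while the later setup.xml hunks show those inputs only for `db_encryption:2`. Values left over from an earlier two-way selection are presumably still submitted and would be applied in one-way mode unless the loop is guarded with `if ((int) $ssl['dbencryption'] === 2)`. The enclosing getDbo body starts and ends outside this hunk.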
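Review bot: getEncryptionSettings() reads all seven `db_*` properties unguarded, whereas the callers in this series wrap `db_select` in `isset(...)`. Whether the stored options can lack them is not visible here, but if they do, PHP raises undefined-property notices and getDbo ends up calling `trim($ssl['dbssl' . $value])` on null. I would normalise at this point, e.g. `'dbencryption' => isset($options->db_encryption) ? (int) $options->db_encryption : 0,` and `'dbsslkey' => isset($options->db_sslkey) ? (string) $options->db_sslkey : '',` for the path and cipher entries. The docblock could also name the returned keys, since getDbo depends on their exact spelling.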
@@ -275,7 +275,9 @@ private function createRootUser($options) $options->db_user, $options->db_pass_plain, $options->db_name, - $options->db_prefix + $options->db_prefix, + true, + DatabaseHelper::getEncryptionSettings($options), ); } catch (\RuntimeException $e) From 7df1e54a6bb8731e3ff2d971db1510cb45470d0a Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:18:06 +0100 Subject: [PATCH 04/13] add tls encryption to installation database model --- installation/src/Model/DatabaseModel.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/installation/src/Model/DatabaseModel.php b/installation/src/Model/DatabaseModel.php index 006d95728e02f..0bdaf815693ee 100644 --- a/installation/src/Model/DatabaseModel.php +++ b/installation/src/Model/DatabaseModel.php @@ -307,7 +307,8 @@ public function initialise() $options->db_pass_plain, $options->db_name, $options->db_prefix, - isset($options->db_select) ? $options->db_select : false + isset($options->db_select) ? $options->db_select : false, + DatabaseHelper::getEncryptionSettings($options), ); } catch (\RuntimeException $e) @@ -380,6 +381,7 @@ public function createDatabase($options) 'password' => $options->db_pass_plain, 'prefix' => $options->db_prefix, 'select' => $options->db_select, + DatabaseHelper::getEncryptionSettings($options), ); $altDB = DatabaseDriver::getInstance($altDBoptions); From 9709befcc73e05fa4e1189540ba098e6adb65ebf Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:19:11 +0100 Subject: [PATCH 05/13] add tls encryption to installation setup model --- installation/src/Model/SetupModel.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/installation/src/Model/SetupModel.php b/installation/src/Model/SetupModel.php index 7dd2faceefde6..541c8915e0006 100644 --- a/installation/src/Model/SetupModel.php +++ b/installation/src/Model/SetupModel.php 
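Review bot: In createDatabase the result of `DatabaseHelper::getEncryptionSettings($options)` is appended to `$altDBoptions` as an unkeyed element, so it lands under index `0` and keeps the `dbencryption`/`dbssl*` key names instead of the `'ssl' => ['enable' => ..., 'verify_server_cert' => ...]` structure that getDbo builds for the driver. Unless `DatabaseDriver::getInstance()` reads index 0, and nothing visible here suggests it does, the alternate connection is opened without the TLS settings the user chose and the database password travels over it. I would move the `$options['ssl']` construction out of getDbo into a shared static helper and assign its result as `'ssl' => ...` in this array. The last patch of the series, which removes the trailing commas from the getDbo calls, does not touch this line. The hunk shows only the tail of the array; the rest of createDatabase is outside it.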
@@ -364,7 +364,8 @@ public function validateDbConnection() $options->db_pass_plain, $options->db_name, $options->db_prefix, - isset($options->db_select) ? $options->db_select : false + isset($options->db_select) ? $options->db_select : false, + DatabaseHelper::getEncryptionSettings($options), ); $db->connect(); From f4e6bee087ca5d50a87c7364b0511ac21a394abf Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:20:43 +0100 Subject: [PATCH 06/13] =?UTF-8?q?Add=20the=20new=20fields=20to=20the=20set?= =?UTF-8?q?up=20view=20template=20=E2=80=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We need to render the field in one go because of showon conditions only work this way (showon data attribute is the parent label - see the Form renderField method for more info). --- installation/tmpl/setup/default.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/installation/tmpl/setup/default.php b/installation/tmpl/setup/default.php index 4d496164d48a7..125bf4e2fece4 100644 --- a/installation/tmpl/setup/default.php +++ b/installation/tmpl/setup/default.php @@ -102,6 +102,13 @@ form->getLabel('db_prefix'); ?> form->getInput('db_prefix'); ?> + form->getField('db_encryption')->renderField(); ?> + form->getField('db_sslverifyservercert')->renderField(); ?> + form->getField('db_sslkey')->renderField(); ?> + form->getField('db_sslcert')->renderField(); ?> + form->getField('db_sslca')->renderField(); ?> + form->getField('db_sslcapath')->renderField(); ?> + form->getField('db_sslcipher')->renderField(); ?>
form->getLabel('db_old'); ?> form->getInput('db_old'); ?> From 892250f2a3d689510473b1ca9ce87b95f73db865 Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:22:09 +0100 Subject: [PATCH 07/13] serialiseForm form (used before POSTing the data via ajax) needs also to take in consideration the radio input types --- installation/template/js/template.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installation/template/js/template.js b/installation/template/js/template.js index 32fbf67f52343..0e3be0f3a4a79 100644 --- a/installation/template/js/template.js +++ b/installation/template/js/template.js @@ -14,7 +14,7 @@ var name = elements[i].name; var value = elements[i].value; if(name) { - if ((elements[i].type === 'checkbox' && elements[i].checked === true) || (elements[i].type !== 'checkbox')) { + if (((elements[i].type === 'checkbox' || elements[i].type === 'radio') && elements[i].checked === true) || (elements[i].type !== 'checkbox' && elements[i].type !== 'radio')) { obj.push(name.replace('[', '%5B').replace(']', '%5D') + '=' + encodeURIComponent(value)); } } From 74e400a27fe0a95af64a0a564c37d624cc3ef95e Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:27:02 +0100 Subject: [PATCH 08/13] Add the new language variables to en-GB --- installation/language/en-GB/en-GB.ini | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/installation/language/en-GB/en-GB.ini b/installation/language/en-GB/en-GB.ini index d8c09ce9749ed..d5fba73fce3ca 100644 --- a/installation/language/en-GB/en-GB.ini +++ b/installation/language/en-GB/en-GB.ini 
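Review bot: The rewritten condition in serialiseForm repeats `elements[i].type` four times and is hard to verify by eye, although it reduces to "not a checkbox or radio, or checked". I would name the test, `var isToggle = elements[i].type === 'checkbox' || elements[i].type === 'radio';`, and then write `if (!isToggle || elements[i].checked === true) {`. Behaviour is unchanged; the surrounding loop starts outside the hunk.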
@@ -28,6 +28,16 @@ INSTL_SETUP_LOGIN_DATA="Setup Login Data" ;Precheck view INSTL_DATABASE_SUPPORT="Database Support:" +INSTL_DATABASE_ENCRYPTION_CA_LABEL="Path to CA File" +INSTL_DATABASE_ENCRYPTION_CAPATH_LABEL="Path to CA Folder" +INSTL_DATABASE_ENCRYPTION_CERT_LABEL="Path to Certificate File" +INSTL_DATABASE_ENCRYPTION_CIPHER_LABEL="Supported Cipher Suite" +INSTL_DATABASE_ENCRYPTION_ENABLE_LABEL="Connection Encryption" +INSTL_DATABASE_ENCRYPTION_ENABLE_VALUE_NONE="Default (server controlled)" +INSTL_DATABASE_ENCRYPTION_ENABLE_VALUE_ONE_WAY="One-way encryption" +INSTL_DATABASE_ENCRYPTION_ENABLE_VALUE_TWO_WAY="Two-way encryption" +INSTL_DATABASE_ENCRYPTION_KEY_LABEL="Path to Private Key File" +INSTL_DATABASE_ENCRYPTION_VERIFY_SERVER_CERT_LABEL="Verify Server Certificate" INSTL_JSON_SUPPORT_AVAILABLE="JSON Support" INSTL_MB_LANGUAGE_IS_DEFAULT="MB Language is Default" INSTL_MB_STRING_OVERLOAD_OFF="MB String Overload Off" From f07bec8cff16421ae221e8bceee2063a773db5d9 Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:27:37 +0100 Subject: [PATCH 09/13] Add the new database variables to en-US --- installation/language/en-US/en-US.ini | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/installation/language/en-US/en-US.ini b/installation/language/en-US/en-US.ini index dfdb4437ec119..dc96c089e9348 100644 --- a/installation/language/en-US/en-US.ini +++ b/installation/language/en-US/en-US.ini 
@@ -51,6 +51,16 @@ INSTL_ZLIB_COMPRESSION_SUPPORT="Zlib Compression Support" ; Database view INSTL_DATABASE="Database Configuration" +INSTL_DATABASE_ENCRYPTION_CA_LABEL="Path to CA File" +INSTL_DATABASE_ENCRYPTION_CAPATH_LABEL="Path to CA Folder" +INSTL_DATABASE_ENCRYPTION_CERT_LABEL="Path to Certificate File" +INSTL_DATABASE_ENCRYPTION_CIPHER_LABEL="Supported Cipher Suite" +INSTL_DATABASE_ENCRYPTION_ENABLE_LABEL="Connection Encryption" +INSTL_DATABASE_ENCRYPTION_ENABLE_VALUE_NONE="Default (server controlled)" +INSTL_DATABASE_ENCRYPTION_ENABLE_VALUE_ONE_WAY="One-way encryption" +INSTL_DATABASE_ENCRYPTION_ENABLE_VALUE_TWO_WAY="Two-way encryption" +INSTL_DATABASE_ENCRYPTION_KEY_LABEL="Path to Private Key File" +INSTL_DATABASE_ENCRYPTION_VERIFY_SERVER_CERT_LABEL="Verify Server Certificate" INSTL_DATABASE_ERROR_POSTGRESQL_QUERY="PostgreSQL database query failed." INSTL_DATABASE_HOST_DESC="Enter the host name, usually \"localhost\" or a name provided by your host." INSTL_DATABASE_HOST_LABEL="Host Name" From f9848625febf7d481bd287880295f534e285e78b Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sun, 20 Oct 2019 18:28:51 +0100 Subject: [PATCH 10/13] remove hints and desc from xml --- installation/forms/setup.xml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/installation/forms/setup.xml b/installation/forms/setup.xml index c1d421174f7e0..bb144d2b69981 100644 --- a/installation/forms/setup.xml +++ b/installation/forms/setup.xml @@ -127,7 +127,6 @@ name="db_encryption" type="list" label="INSTL_DATABASE_ENCRYPTION_ENABLE_LABEL" - desc="INSTL_DATABASE_ENCRYPTION_ENABLE_DESC" class="custom-select" required="true" default="0" @@ -143,7 +142,6 @@ name="db_sslverifyservercert" type="radio" label="INSTL_DATABASE_ENCRYPTION_VERIFY_SERVER_CERT_LABEL" - desc="INSTL_DATABASE_ENCRYPTION_VERIFY_SERVER_CERT_DESC" class="switcher" default="0" filter="boolean" 
@@ -157,8 +155,6 @@ name="db_sslkey" type="text" label="INSTL_DATABASE_ENCRYPTION_KEY_LABEL" - desc="INSTL_DATABASE_ENCRYPTION_KEY_DESC" - hint="INSTL_DATABASE_ENCRYPTION_KEY_HINT" filter="string" size="250" showon="db_encryption:2" @@ -168,8 +164,6 @@ name="db_sslcert" type="text" label="INSTL_DATABASE_ENCRYPTION_CERT_LABEL" - desc="INSTL_DATABASE_ENCRYPTION_CERT_DESC" - hint="INSTL_DATABASE_ENCRYPTION_CERT_HINT" filter="string" size="250" showon="db_encryption:2" @@ -179,8 +173,6 @@ name="db_sslca" type="text" label="INSTL_DATABASE_ENCRYPTION_CA_LABEL" - desc="INSTL_DATABASE_ENCRYPTION_CA_DESC" - hint="INSTL_DATABASE_ENCRYPTION_CA_HINT" filter="string" size="250" showon="db_encryption:2" @@ -190,8 +182,6 @@ name="db_sslcapath" type="text" label="INSTL_DATABASE_ENCRYPTION_CAPATH_LABEL" - desc="INSTL_DATABASE_ENCRYPTION_CAPATH_DESC" - hint="INSTL_DATABASE_ENCRYPTION_CAPATH_HINT" filter="string" size="250" showon="db_encryption:2" @@ -201,8 +191,6 @@ name="db_sslcipher" type="text" label="INSTL_DATABASE_ENCRYPTION_CIPHER_LABEL" - desc="INSTL_DATABASE_ENCRYPTION_CIPHER_DESC" - hint="INSTL_DATABASE_ENCRYPTION_CIPHER_HINT" filter="string" size="300" showon="db_encryption:2" From 5c8c235364d52c2c7a4fa552a7eb6eb2803ac357 Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sat, 26 Oct 2019 11:27:34 +0100 Subject: [PATCH 11/13] improve showon, and remove capath and cipher from postgresql --- installation/forms/setup.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/installation/forms/setup.xml b/installation/forms/setup.xml index bb144d2b69981..d093f284c50cd 100644 --- a/installation/forms/setup.xml +++ b/installation/forms/setup.xml @@ -145,7 +145,7 @@ class="switcher" default="0" filter="boolean" - showon="db_encryption:1,2" + showon="db_host!:localhost[AND]db_encryption:1,2" 
> @@ -157,7 +157,7 @@ label="INSTL_DATABASE_ENCRYPTION_KEY_LABEL" filter="string" size="250" - showon="db_encryption:2" + showon="db_host!:localhost[AND]db_encryption:2" /> From 1fcdcd909e203ed3c1f04395d7adb903642bf88d Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Sat, 26 Oct 2019 11:29:03 +0100 Subject: [PATCH 12/13] reset db encryption fields onchange and onkyup when is db host is localhost --- installation/template/js/setup.js | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/installation/template/js/setup.js b/installation/template/js/setup.js index 7e02da13b509d..2bc789f265c90 100644 --- a/installation/template/js/setup.js +++ b/installation/template/js/setup.js @@ -117,6 +117,23 @@ Joomla.checkDbCredentials = function() { }); }; +/** + * Method reset DB Encryption fields when localhost is chosen + * + * @return void + */ +Joomla.resetDbEncryptionFields = function() { + if (document.getElementById('jform_db_host').value === 'localhost') { + document.getElementById('jform_db_sslverifyservercert0').checked = true; + document.getElementById('jform_db_sslverifyservercert1').checked = false; + document.getElementById('jform_db_sslkey').value = ''; + document.getElementById('jform_db_sslcert').value = ''; + document.getElementById('jform_db_sslca').value = ''; + document.getElementById('jform_db_sslcapath').value = ''; + document.getElementById('jform_db_sslcipher').value = ''; + document.getElementById('jform_db_encryption').value = 0; + } +}; (function() { // Merge options from the session storage @@ -180,6 +197,12 @@ Joomla.checkDbCredentials = function() { if (document.getElementById('jform_db_type')) { document.getElementById('jform_db_type').focus(); } + + // Attach event to dbhost field + var dbHostField = document.getElementById('jform_db_host'); + + dbHostField.addEventListener('change', Joomla.resetDbEncryptionFields); + dbHostField.addEventListener('keyup', Joomla.resetDbEncryptionFields); } } }); 
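Review bot: Binding `Joomla.resetDbEncryptionFields` to `keyup` makes the reset fire the moment the host field reads exactly `localhost`, which also happens while typing or editing a longer name that starts with it (a constructed example: `localhost-db.internal`). The TLS paths are then cleared and `jform_db_encryption` is set back to `0` without the user asking for it, so a remote connection can end up configured without encryption unnoticed. I would keep only `dbHostField.addEventListener('change', Joomla.resetDbEncryptionFields);` so the reset runs once the value is committed. `dbHostField` is also used without a null check, unlike the `jform_db_type` lookup just above it. The reset function itself is defined in the previous hunk of this file.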
@@ -190,5 +213,5 @@ Joomla.checkDbCredentials = function() { Joomla.checkInputs(); }) } - + })(); From c0c22559744177e0cad28989d06162b732c38e72 Mon Sep 17 00:00:00 2001 From: andrepereiradasilva Date: Tue, 29 Oct 2019 23:03:17 +0000 Subject: [PATCH 13/13] Apply suggestions from code review Silly mistake ... Sorry richard Co-Authored-By: Richard Fath --- installation/src/Model/ConfigurationModel.php | 2 +- installation/src/Model/DatabaseModel.php | 2 +- installation/src/Model/SetupModel.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/installation/src/Model/ConfigurationModel.php b/installation/src/Model/ConfigurationModel.php index 248f528ab3a98..f76820a44d995 100644 --- a/installation/src/Model/ConfigurationModel.php +++ b/installation/src/Model/ConfigurationModel.php @@ -277,7 +277,7 @@ private function createRootUser($options) $options->db_name, $options->db_prefix, true, - DatabaseHelper::getEncryptionSettings($options), + DatabaseHelper::getEncryptionSettings($options) ); } catch (\RuntimeException $e) diff --git a/installation/src/Model/DatabaseModel.php b/installation/src/Model/DatabaseModel.php index 0bdaf815693ee..56904fb2b46b2 100644 --- a/installation/src/Model/DatabaseModel.php +++ b/installation/src/Model/DatabaseModel.php @@ -308,7 +308,7 @@ public function initialise() $options->db_name, $options->db_prefix, isset($options->db_select) ? $options->db_select : false, - DatabaseHelper::getEncryptionSettings($options), + DatabaseHelper::getEncryptionSettings($options) ); } catch (\RuntimeException $e) diff --git a/installation/src/Model/SetupModel.php b/installation/src/Model/SetupModel.php index 541c8915e0006..67e1e78bdb987 100644 --- a/installation/src/Model/SetupModel.php +++ b/installation/src/Model/SetupModel.php 
@@ -365,7 +365,7 @@ public function validateDbConnection() $options->db_name, $options->db_prefix, isset($options->db_select) ? $options->db_select : false, - DatabaseHelper::getEncryptionSettings($options), + DatabaseHelper::getEncryptionSettings($options) ); $db->connect();