New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'occ maintenance:install' fails using MySQL with SSL enabled #19738
Comments
Can confirm this behavior. Who maintains the ssl portion of mysql? @ChristophWurst would that be you?? :) To be fair a proxy mysql server is doable but it would be nice if this worked in NC 20. |
I suppose this is still valid? |
Yes, because the installer of 21.0.3.1 ignores the dbdriveroptions section. |
This comment was marked as resolved.
This comment was marked as resolved.
Hi @szaimen |
I think the root of this issue is because the setup process doesn't use the normal db layer. And the constants being rewritten issue is because the config gets rewritten and their names are lost along the way. That's a mess waiting to happen since a new PHP version could break the constant values (they've already changed before). Also, that config (which is in our docs and, unfortunately, doesn't say as much) isn't for Thus this config is, at best, overkill. I think the reason it works at all is because the db server just ignores (or doesn't ask for) a client cert as long as the user was only created with
In theory either of the below should be sufficient for a basic TLS connection: For a basic TLS connection (TLS encryption but not verification of the server offered cert):
The SSL_CA file be set to anything - as long at it something - if VERIFY_CERT is false. For a basic TLS connection with verification of the server offered cert:
Apparently SSL based connects to db servers are rare because I can't find any other bug reports about this. 😄 |
It took me a few hours to find this issue and thanks to you solved the broken Nextcloud installation. I can confirm that this problem is also included in the latest version (27). To solve this, it was enough to temporarily disable |
Hello everyone,
The installation process fails directly when I enforce SSL for MySQL.
Steps to reproduce
CREATE USER ... REQUIRE SSL
config.php
to tell the driver the certificates' locationUse occ to install
Actual behaviour
The installation fails with
and
occ maintenance:install
modifies theconfig.php
file, turning this part:into
If I do the installation without enforcing SSL for MySQL, and that I define
REQUIRE SSL
for SQL user anddbdriveroptions
AFTER INSTALLATION , everything works fine.Expected behaviour
It should connect to mySQL server using SSL options defined in
config.php
The text was updated successfully, but these errors were encountered: