Presently looking for a way to connect nextcloud to postgresql using SSL.
My current stack:
PHP 7.1.16 (fpm-fcgi)
So from what I can see everything except nextcloud supports this functionality:
Would it be possible to extend the configuration parameters necessary to
get ‘dbsslkey’, etc for config.php? I’d really like a pg_hba entry that looks like this:
hostssl nextcloud nextcloud 0.0.0.0/0 cert
Already working with my client (ex. - psql (10.3) SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384 )
Figured it out myself.
The config parameters are simply passed to the PDO DSN from the host string, so your nextcloud config would need something that looked like this:
‘dbhost’ => ‘127.0.0.1:5432;sslmode=verify-full;sslcert=~/.postgresql/postgresql.crt;sslkey=~/.postgresql/postgresql.key;sslrootcert=~/.postgresql/root.crt’
Is 127.0.0.1 just an example or are you actually connecting to localhost with SSL?
Just a sanitized example.
Sorry for bumping this topic. I am trying to connect my Nextcloud instance to a manated postgresql 12 database in DigitalOcean. Connection is done only via SSL.
I follow the recommendation from above:
“dbhost” => “endpont:25060;sslmode=require;sslcert=/path/to/db_certificate.crt;”
but I always get server error with:
"## Internal Server Error
The server was unable to complete your request.
If this happens again, please send the technical details below to the server administrator.
More details can be found in the server log."
but the server does not create any errors in the instance. Not even after manually creating a nextcloud.log file and granting access to www-data.
I see in @kbaegis post there is a sslkey and sslrootcert but there is only CA file to download from the managed databases in digitalocean.
Does anyone know what am I doing wrong? Any ideas?