Using MariaDB with SSL

timscha · April 14, 2019, 7:15am

Hello!

I switched my database setup, so I have an external database server running MariaDB with ssl enabled.
Now I moved the database from the old to the external server which is working fine, but after I do the setup for ssl on MariaDB I got an exception (see attached).

I can confirm I can connect with the login details provided with nextcloud on the ssh terminal.
I can also confirm that I worked for other systems like Wordpress and it worked if I remove the required SSL, so I’m sure that this is a nextcloud related thing.

And yes, I tried it also with the following code which you can find when you search for this problem:

’dbdriveroptions’ => array (
PDO::MYSQL_ATTR_SSL_KEY => ‘/etc/mysql/ssl/client-key.pem’,
PDO::MYSQL_ATTR_SSL_CERT => ‘/etc/mysql/ssl/client-cert.pem’,
PDO::MYSQL_ATTR_SSL_CA => ‘/etc/mysql/ssl/ca-cert.pem’,
)

Nextcloud version: 15.0.7
Operating system and version Debian 9.8
Apache or nginx version: nginx 1.15.11
PHP version (eg, 7.1): 7.3

2019/04/13 22:17:37 [error] 1498#1498: *5 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught Doctrine\DBAL\DBALException: Failed to connect to the database: An exception occurred in driver: SQLSTATE[HY000] [1045] Access denied for user 'nc_scharner_usr'@'IP_OF_DBSERVER' (using password: YES) in /var/www/nc-sch-prod/htdocs/lib/private/DB/Connection.php:64
Stack trace:
#0 /var/www/nc-sch-prod/htdocs/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(448): OC\DB\Connection->connect()
#1 /var/www/nc-sch-prod/htdocs/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(410): Doctrine\DBAL\Connection->getDatabasePlatformVersion()
#2 /var/www/nc-sch-prod/htdocs/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(354): Doctrine\DBAL\Connection->detectDatabasePlatform()
#3 /var/www/nc-sch-prod/htdocs/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(710): Doctrine\DBAL\Connection->getDatabasePlatform()
#4 /var/www/nc-sch-prod/htdocs/lib/private/DB/Connection.php(151): Doctrine\DBAL\Connection->setTransactionIsolation(2)
#5 /var/www/nc-sch-p...PHP message: PHP Fatal error:  Uncaught Doctrine\DBAL\DBALException: Failed to connect to the database: An exception occurred in driver: SQLSTATE[HY000] [1045] Access denied for user 'nc_scharner_usr'@'IP_OF_DBSERVER' (using password: YES) in /var/www/nc-sch-prod/htdocs/lib/private/DB/Connection.php:64

yourcloudasia · April 15, 2019, 3:57am

Can you post the relevant sections of your config.php file?

timscha · April 15, 2019, 7:44am

Sure:

  'dbname' => 'nc_cloud',
  'dbhost' => 'myhostname.cloud',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nc_mydb_usr',
  'dbpassword' => 'myPassword'

yourcloudasia · April 16, 2019, 2:18am

The port number doesn’t change? Or it uses STARTTLS?

timscha · April 16, 2019, 6:42am

Nop, default 3306 with normal ssl.

yourcloudasia · April 17, 2019, 2:05am

So you moved the database from one server to another one? Can you try the new server without SSL?

People have had problems changing the DB server from one IP to another, so you may want to search for that.

timscha · April 17, 2019, 9:03am

The new server is working fine without SSL. There is no problem using wrong login details or hostname.
I can also confirm it is working with other systems like Wordpress, if I enable SSL.