Occ maintenance:install MySQL with SSL

Server
, ,
1

Hello everyone,

I’m installing an OwnCloud 10.1.0 with MySQL and SSL required. The OwnCloud installation process fails directly when I enforce SSL for MySQL.

Steps to reproduce

  1. Configure MySQL to force SSL connections (require_secure_transport = ON), generate certificates and all.
  2. Get the latest version of OwnCloud, as of now it’s 10.1.0
  3. Modify config.php to tell the driver the certificates’ location
<?php
$CONFIG = array (
...
  'dbdriveroptions' => array(
    PDO::MYSQL_ATTR_SSL_KEY =>'/etc/xxx',
    PDO::MYSQL_ATTR_SSL_CERT =>'/etc/xxx',
    PDO::MYSQL_ATTR_SSL_CA => '/etc/xxx',
    PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
  ),
...
);
  1. Use occ to install
occ maintenance:install \
                --database "mysql" --database-name "db_name" --database-host=127.0.0.1 \
                --database-user "user" --database-pass "password" \
                --admin-user "user" --admin-pass "password"

Actual behaviour

The installation fails because occ maintenance:install modifies the config.php turning this part:

  'dbdriveroptions' => array(
    PDO::MYSQL_ATTR_SSL_KEY =>'/etc/xxx',
    PDO::MYSQL_ATTR_SSL_CERT =>'/etc/xxx',
    PDO::MYSQL_ATTR_SSL_CA => '/etc/xxx',
    PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
  ),

to

  'dbdriveroptions' => array(
    1007 => '/etc/xxx',
    1008 => '/etc/xxx',
    1009 => '/etc/xxx',
    1014 => false,
  ),

If I do the installation without enforcing SSL for MysQL, and that I define the dbdriveroptions after, everything works fine. So 'im quite certain that occ maintenance:install is the problem.

Expected behaviour

It shouldn’t modify the dbdriveroptions setting in config.php, instead it should rather use it to connect to MySQL in a secure way and do the installation.

Server configuration

Operating system: Devuan 2.0

Web server: NGinx 1.14.2

Database: Percona MySQL 5.7.25

PHP version: PHP7.2

ownCloud version: 10.1.0

Updated from an older ownCloud or fresh install: fresh install.

Where did you install ownCloud from:
Downloaded the tar.gz and installed with occ maintenance.

Signing status (ownCloud 9.0 and above):
It’s fine.

I’d like to keep enforcing SSL for MySQL, but for now I have to do the installation without it and enable it after.
Thanks.