Use mysql without client certificates

[martinprejsa]

I have a MySQL server which doesn't require client certificates and if i try to connect to it without the certificates configured in snipe-it the connection fails.

Current behavior:
When DB_SSL_KEY_PATH or DB_SSL_CERT_PATH or DB_SSL_CIPHER is not set (or set to null, or to an empty string), whilst DB_SSL=true then a secure connection with the MySQL server results in an error.

SQLSTATE[HY000] [2002] Cannot connect to MySQL using SSL (Connection: mysql, SQL: select 2 + 2)

Expected behavior
No error should occur.

Findings
When i removed PDO::MYSQL_ATTR_SSL_KEY, PDO::MYSQL_ATTR_SSL_CERT, PDO::MYSQL_ATTR_SSL_CIPHER from the options in config/database.php no error occured.

snipe-it/config/database.php

Lines 104 to 107 in 77b79db

	PDO::MYSQL_ATTR_SSL_KEY => env('DB_SSL_KEY_PATH'), // /path/to/key.pem
	PDO::MYSQL_ATTR_SSL_CERT => env('DB_SSL_CERT_PATH'), // /path/to/cert.pem
	PDO::MYSQL_ATTR_SSL_CA => env('DB_SSL_CA_PATH'), // /path/to/ca.pem
	PDO::MYSQL_ATTR_SSL_CIPHER => env('DB_SSL_CIPHER'),

Tested on

Distributor ID: Ubuntu
Description:    Ubuntu 22.04.5 LTS
Release:        22.04
Codename:       jammy

Snipe-it version v8.3.1
Tested both on the docker version and the "installer" version on a Ubuntu machine.

[snipe]

If you set DB_SSL to false (with those lines left in) does it work?

[snipe]

Any luck?

[snipe]

Hi there - We haven't heard back in a bit, so I'm going to close this ticket for now, but will re-open it if you're still having issues.

[martinprejsa]

No it does not work, because PDO::MYSQL_ATTR_SSL_CA is not set.

[snipe]

@martinprejsa If you apply the changes in this PR, does it resolve your issue? #18044