Does OpenEMR work with Azure Web Apps + Database?

Support
, , ,
#1

I have followed theses instructions but cannot create a database, or connect to an existing database when using the web page installer.;

If I use the InstallerAuto.php script (/home/site/wwwroot/contrib/util/installScripts/), it returns to the command prompt without error.
I can successfully connect using MySQL and create databases from other devices in different subnets to the SQL server.

This forum post has a similar issue but there did not appear to be a resolution;

I have; created root SQL accounts, granted all database privileges, made sure there are no dollar signs in passwords, tried to use the php -f InstallerAuto.php, changed environment variables, downloaded certificates and much more…

I do not want to run containers.

Any guidance most appreciated.

#2

@Tech1 Welcome to community can you please share log of error your getting while doing installation

#3

2024-07-21T02:14:02.7193493Z Container start method finished after 19615 ms.Ending Log Tail of existing logs —Starting Live Log Stream —
2024-07-21T02:19:00.4592683Z NOTICE: PHP message: OpenEMR Error : OpenEMR is potentially not secure because CSRF key is empty.
2024-07-21T02:19:00.4598405Z NOTICE: PHP message: OpenEMR Error : OpenEMR is potentially not secure because CSRF token was not formed correctly.
2024-07-21T02:19:00.4643484Z 127.0.0.1 - 21/Jul/2024:02:18:58 +0000 “POST /setup.php” 200
2024-07-21T02:19:03.3003491Z 127.0.0.1 - 21/Jul/2024:02:19:03 +0000 “GET /index.php” 302
2024-07-21T02:19:03.5501471Z 127.0.0.1 - 21/Jul/2024:02:19:03 +0000 “GET /setup.php” 200
2024-07-21T02:19:06.1489193Z 127.0.0.1 - 21/Jul/2024:02:19:06 +0000 “POST /setup.php” 200
2024-07-21T02:19:07.9319631Z 127.0.0.1 - 21/Jul/2024:02:19:07 +0000 “POST /setup.php” 200
2024-07-21T02:19:32.2368849Z NOTICE: PHP message: PHP Warning: Undefined array key “collate” in /home/site/wwwroot/setup.php on line 1126
2024-07-21T02:19:32.2375257Z NOTICE: PHP message: PHP Deprecated: preg_match(): Passing null to parameter #2 ($subject) of type string is deprecated in /home/site/wwwroot/library/classes/Installer.class.php on line 148
2024-07-21T02:19:32.4245937Z 127.0.0.1 - 21/Jul/2024:02:19:32 +0000 “POST /setup.php” 200
2024-07-21T02:19:32.4252216Z NOTICE: PHP message: PHP Warning: mysqli_real_connect(): SSL operation failed with code 1. OpenSSL Error messages:
2024-07-21T02:19:32.4255847Z error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /home/site/wwwroot/library/classes/Installer.class.php on line 1382
2024-07-21T02:19:37.3774351Z 127.0.0.1 - 21/Jul/2024:02:19:37 +0000 “GET /index.php” 302
2024-07-21T02:19:37.6111136Z 127.0.0.1 - 21/Jul/2024:02:19:37 +0000 “GET /setup.php” 200
2024-07-21T02:19:40.7220402Z 127.0.0.1 - 21/Jul/2024:02:19:40 +0000 “POST /setup.php” 200
2024-07-21T02:19:42.8123358Z 127.0.0.1 - 21/Jul/2024:02:19:42 +0000 “POST /setup.php” 200
2024-07-21T02:20:06.9359055Z 127.0.0.1 - 21/Jul/2024:02:20:06 +0000 “POST /setup.php” 200
2024-07-21T02:20:06.9364991Z NOTICE: PHP message: PHP Warning: mysqli_real_connect(): SSL operation failed with code 1. OpenSSL Error messages:
2024-07-21T02:20:06.9367906Z error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /home/site/wwwroot/library/classes/Installer.class.php on line 1382
2024-07-21T02:20:09.8732952Z 127.0.0.1 - 21/Jul/2024:02:20:09 +0000 “POST /setup.php” 200
2024-07-21T02:20:41.4893892Z 127.0.0.1 - 21/Jul/2024:02:20:41 +0000 “POST /setup.php” 200
2024-07-21T02:20:41.4899402Z NOTICE: PHP message: PHP Warning: mysqli_real_connect(): SSL operation failed with code 1. OpenSSL Error messages:
2024-07-21T02:20:41.4902262Z error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /home/site/wwwroot/library/classes/Installer.class.php on line 1382

#4

(Apologies, thanks for the welcome!)

I wondered, should this be entered as an environment variable somewhere?MYSQL_ATTR_SSL_CA:/home/site/wwwroot/ssl/DigiCertGlobalRootCA.crt.pem

Or to something like this?
MYSQL_ATTR_SSL_CA: /home/site/wwwroot/sites/default/documents/certificates/mysql-ca

Does the rename work legally to mysql-ca(no.pem)?

Also, how applicable is sqlconf.php in all this?

Please bare with me as I am theoretically certified but technically, doggy paddling here…

#5

CURRENT APP SERVICE ENVIRONMENT (OF NON WORKING ENVIRONMENT)

System info
System up time: 6.04:50:52.1560000
OS version: Unix 5.15.153.1
64 bit system: True
64 bit process: True
Processor count: 1
Machine name: [xxxx]
Instance id: [xxxx]
Short instance id: 504731
CLR version: 6.0.30
System directory:
Current working directory: /opt/Kudu
IIS command line: /opt/Kudu/Kudu.Services.Web.dll
AppSettings
webpages:Enabled = true
deployment_branch = master
SCM_TRACE_LEVEL = Verbose
SCM_COMMAND_IDLE_TIMEOUT = 60
SCM_LOGSTREAM_TIMEOUT = 7200
SCM_BUILD_ARGS =
AZURE_REDIS_PASSWORD = [xxxx]
AZURE_MYSQL_HOST = [xxxx-server.mysql.database.azure.com]
AZURE_MYSQL_FLAG = MYSQLI_CLIENT_SSL
AZURE_REDIS_PORT = 6380
AZURE_MYSQL_PORT = 3306
AZURE_MYSQL_PASSWORD = [xxxx]
AZURE_MYSQL_DBNAME = [xxxx]
WEBSITE_SITE_NAME = [xxxx]
AZURE_REDIS_SSL = true
AZURE_REDIS_HOST = [xxxx]-cache.redis.cache.windows.net
WEBSITE_AUTH_AUTO_AAD = False
WEBSITE_AUTH_ENABLED = False
AZURE_REDIS_DATABASE = 0
FUNCTIONS_RUNTIME_SCALE_MONITORING_ENABLED = 0
ScmType = None
WEBSITE_HTTPLOGGING_RETENTION_DAYS = 7
WEBSITE_AUTH_LOGOUT_PATH = /.auth/logout
REMOTEDEBUGGINGVERSION = 17.6.10930.2695
AZURE_MYSQL_USERNAME = [xxxx]
SCM_USE_LIBGIT2SHARP_REPOSITORY = 0
Connection Strings
LocalSqlServer
ConnectionString = data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true
ProviderName = System.Data.SqlClient
Environment variables
APPDATA = /opt/Kudu/local
APPSETTING_AZURE_MYSQL_DBNAME = [xxxx]
APPSETTING_AZURE_MYSQL_FLAG = MYSQLI_CLIENT_SSL
APPSETTING_AZURE_MYSQL_HOST = [xxxx]-server.mysql.database.azure.com
APPSETTING_AZURE_MYSQL_PASSWORD = [xxxx]
APPSETTING_AZURE_MYSQL_PORT = 3306
APPSETTING_AZURE_MYSQL_USERNAME = [xxxx]
APPSETTING_AZURE_REDIS_DATABASE = 0
APPSETTING_AZURE_REDIS_HOST = [xxxx]-cache.redis.cache.windows.net
APPSETTING_AZURE_REDIS_PASSWORD = [xxxx]=
APPSETTING_AZURE_REDIS_PORT = 6380
APPSETTING_AZURE_REDIS_SSL = true
APPSETTING_FUNCTIONS_RUNTIME_SCALE_MONITORING_ENABLED = 0
APPSETTING_REMOTEDEBUGGINGVERSION = 17.6.10930.2695
APPSETTING_SCM_USE_LIBGIT2SHARP_REPOSITORY = 0
APPSETTING_ScmType = None
APPSETTING_WEBSITE_AUTH_AUTO_AAD = False
APPSETTING_WEBSITE_AUTH_ENABLED = False
APPSETTING_WEBSITE_AUTH_LOGOUT_PATH = /.auth/logout
APPSETTING_WEBSITE_HTTPLOGGING_RETENTION_DAYS = 7
APPSETTING_WEBSITE_SITE_NAME = [xxxx]
ASPNETCORE_URLS = http://0.0.0.0:8181
AZURE_MYSQL_DBNAME = [xxxx]
AZURE_MYSQL_FLAG = MYSQLI_CLIENT_SSL
AZURE_MYSQL_HOST = [xxxx]-server.mysql.database.azure.com
AZURE_MYSQL_PASSWORD = [xxxx]
AZURE_MYSQL_PORT = 3306
AZURE_MYSQL_USERNAME = [xxxx]
AZURE_REDIS_DATABASE = 0
AZURE_REDIS_HOST = [xxxx]-cache.redis.cache.windows.net
AZURE_REDIS_PASSWORD = [xxxx]=
AZURE_REDIS_PORT = 6380
AZURE_REDIS_SSL = true
COMPUTERNAME = [xxxx]
DEBIAN_FLAVOR = bullseye
DEBIAN_FRONTEND = noninteractive
DOTNET_CLI_TELEMETRY_PROFILE = AzureKudu
DOTNET_RUNNING_IN_CONTAINER = true
DOTNET_SKIP_FIRST_TIME_EXPERIENCE = 1
DOTNET_USE_POLLING_FILE_WATCHER = true
DYNAMIC_INSTALL_ENABLED = true
ENABLE_DYNAMIC_INSTALL = true
ENABLE_ORYX_BUILD = true
FRAMEWORK = PHP
FRAMEWORK_VERSION = 8.2
FUNCTIONS_RUNTIME_SCALE_MONITORING_ENABLED = 0
HOME = /home
HOSTNAME = [xxxx]
HTTP_AUTHORITY = [xxxx].scm.azurewebsites.net
HTTP_HOST = [xxxx].scm.azurewebsites.net
KUDU_APPPATH = /opt/Kudu
KUDU_BUILD_VERSION = 20240522.2
KUDU_ENV = Bullseye
KUDU_RUN_USER = [xxxx]
KUDU_WEBSSH_PORT = 3000
LANG = C.UTF-8
LANGUAGE = C.UTF-8
LC_ALL = C.UTF-8
LINUX_FX_VERSION = PHP|8.2
MSBUILDDISABLEFEATURESFROMVERSION = 17.8
NODE_VERSION =
NUGET_PACKAGES = /var/nuget
NUGET_XMLDOC_MODE = skip
NUM_CORES = 1
OLDPWD = /
ORIGINAL_PATH = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ORYX_AI_CONNECTION_STRING = InstrumentationKey=4aadba6b-30c8-42db-9b93-024d5c62b887
ORYX_ENV_NAME = ~[xxxx]
ORYX_ENV_TYPE = AppService
ORYX_PATHS = /opt/oryx:/opt/yarn/stable/bin:/opt/hugo/lts
ORYX_SDK_STORAGE_BASE_URL = https://oryx-cdn.microsoft.io
PATH = /home/site/deployments/tools:/opt/Kudu/Scripts:/usr/bin:/usr/bin:/usr/local/bin:/usr/local/bin:/usr/local/bin:/usr/local/bin:/opt/oryx:/opt/yarn/stable/bin:/opt/hugo/lts:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PHP_VERSION = 8.2
PLATFORM_VERSION = 102.1.7.121
PORT = 8181
PWD = /opt/Kudu
REGION_NAME = East US
REMOTEDEBUGGINGVERSION = 17.6.10930.2695
ScmType = None
SHLVL = 0
SITE_BITNESS = AMD64
SSH_USER_NAME = kudu_ssh_user
SSH_USER_PASSWORD = [xxxx]
WEBSITE_AUTH_AUTO_AAD = False
WEBSITE_AUTH_ENABLED = False
WEBSITE_AUTH_ENCRYPTION_KEY = [xxxx]
WEBSITE_AUTH_LOGOUT_PATH = /.auth/logout
WEBSITE_AUTH_SIGNING_KEY = [xxxx]
WEBSITE_HOME_STAMPNAME = [xxxx]
WEBSITE_HOSTNAME = [xxxx]-health.azurewebsites.net
WEBSITE_HTTPLOGGING_RETENTION_DAYS = 7
WEBSITE_INSTANCE_ID = [xxxx]
WEBSITE_ISOLATION = lxc
WEBSITE_OWNER_NAME = [xxxx]-EastUSwebspace-Linux
WEBSITE_PHP_VERSION = 8.2
WEBSITE_RESOURCE_GROUP = [xxxx]
WEBSITE_ROLE_INSTANCE_ID = 5001
WEBSITE_SITE_NAME = [xxxx]
WEBSITE_SKU = PremiumV2
WEBSITE_SSH_PASSWORD = [xxxx]!
WEBSITE_SSH_USER = root
WEBSITE_STACK = PHP
PATH
/home/site/deployments/tools
/opt/Kudu/Scripts
/usr/bin
/usr/bin
/usr/local/bin
/usr/local/bin
/usr/local/bin
/usr/local/bin
/opt/oryx
/opt/yarn/stable/bin
/opt/hugo/lts
/usr/local/sbin
/usr/local/bin
/usr/sbin
/usr/bin
/sbin
/bin
HTTP headers
Accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding=gzip, deflate, br, zstd
Accept-Language=en-GB,en;q=0.9
CLIENT-IP=66.9.171.117:30203
Cookie=ARRAffinity=[xxxx]2adc59bf73a9a447; ARRAffinitySameSite=5[xxxx]; WebSSH2=[xxxx]
DISGUISED-HOST=[xxxx]scm.azurewebsites.net
Host=[xxxx].scm.azurewebsites.net
Max-Forwards=10
Referer=https://[xxxx]scm.azurewebsites.net/
sec-ch-ua=“Not/A)Brand”;v=“8”, “Chromium”;v=“126”, “Google Chrome”;v=“126”
sec-ch-ua-mobile=?0
sec-ch-ua-platform=“Linux”
Sec-Fetch-Dest=document
Sec-Fetch-Mode=navigate
Sec-Fetch-Site=same-origin
Sec-Fetch-User=?1
User-Agent=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
WAS-DEFAULT-HOSTNAME=[xxxx].scm.azurewebsites.net
X-AppService-Proto=https
X-ARR-LOG-ID=808659a7-0ec2-4f7f-ab36-2d7df915eff8
X-ARR-SSL=2048|256|CN=Microsoft Azure RSA TLS Issuing CA 03, O=Microsoft Corporation, C=US|CN=*.azurewebsites.net, O=Microsoft Corporation, L=Redmond, S=WA, C=US
X-Client-IP=66.9.171.117
X-Client-Port=30203
X-Forwarded-For=66.9.171.117:30203
X-Forwarded-Proto=https
X-Forwarded-TlsVersion=1.3
X-MS-CLIENT-PRINCIPAL-NAME=a[xxxx]onmicrosoft.com
X-Original-URL=/Env
X-SITE-DEPLOYMENT-ID=[xxxx]
X-WAWS-Unencoded-URL=/Env

#6

SQL ENVIRONMENT

mysql> SHOW STATUS LIKE ‘Ssl_cipher’;
±--------------±----------------------------+
| Variable_name | Value |
±--------------±----------------------------+
| Ssl_cipher | ECDHE-RSA-AES128-GCM-SHA256 |
±--------------±----------------------------+
1 row in set (0.00 sec)