Improve .env file checking to not validate SSL certificates

app/Http/Controllers/SettingsController.php

@@ -14,7 +14,6 @@ use App\Models\Asset;
 use App\Models\User;
 use App\Notifications\FirstAdminNotification;
 use App\Notifications\MailTest;
-use Illuminate\Http\Client\HttpClientException;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\Storage;
@@ -129,12 +128,12 @@ class SettingsController extends Controller
     protected function dotEnvFileIsExposed() : bool
     {
         try {
-            return Http::timeout(10)
+            return Http::withoutVerifying()->timeout(10)
                 ->accept('*/*')
                 ->get(URL::to('.env'))
                 ->successful();
-        } catch (HttpClientException $e) {
-            Log::debug($e->getMessage());
+        } catch (\Exception $e) {
+            Log::error($e->getMessage());
             return true;
         }
     }

tests/Feature/Settings/ShowSetUpPageTest.php

@@ -2,6 +2,7 @@
 
 namespace Tests\Feature\Settings;
 
+use App\Http\Controllers\SettingsController;
 use Illuminate\Database\Events\QueryExecuted;
 use Illuminate\Http\Client\ConnectionException;
 use Illuminate\Http\Client\Request;
@@ -301,4 +302,11 @@ class ShowSetUpPageTest extends TestCase
 
         $this->assertSeeDirectoryPermissionError(false);
     }
+
+    public function testInvalidTLSCertsOkWhenCheckingForEnvFile()
+    {
+        //set the weird bad SSL cert place - https://self-signed.badssl.com
+
+        $this->assertTrue((new SettingsController())->dotEnvFileIsExposed());
+    }
 }