[
https://issues.apache.org/jira/browse/GUACAMOLE-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16764007#comment-16764007
]
Nick Couchman commented on GUACAMOLE-728:
-----------------------------------------
Might be worth taking the time to set up SSL-specific stuff for other modules,
as well. PostgreSQL supports SSL connections, and my guess is that SQL Server
does, as well, though I'm not certain about that. So, while we're at it, might
want to cover all the bases.
> Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not
> Allowed
> ---------------------------------------------------------------------------------
>
> Key: GUACAMOLE-728
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-728
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-jdbc-mysql
> Affects Versions: 1.0.0
> Reporter: David
> Priority: Major
>
> When running the guacamole docker image linked to a mysql8 docker image, I'm
> experiencing an error in the logs that says:
> {code:none}
> Fri Feb 08 04:24:15 UTC 2019 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> Fri Feb 08 04:24:15 UTC 2019 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> 04:24:15.832 [http-nio-8080-exec-7] ERROR o.a.g.rest.RESTExceptionMapper -
> Unexpected internal error:
> ### Error querying database. Cause:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public
> Key Retrieval is not allowed
> ### The error may exist in org/apache/guacamole/auth/jdbc/user/UserMapper.xml
> ### The error may involve
> org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne
> ### The error occurred while executing a query
> ### Cause:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public
> Key Retrieval is not allowed
> {code}
> I'm not sure how to get around this, but it's keeping me from using
> guacamole. :(
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
