[
https://issues.apache.org/jira/browse/GUACAMOLE-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16764337#comment-16764337
]
David commented on GUACAMOLE-728:
---------------------------------
For what it's worth, I figured out a workaround for this in the meantime at
[https://qiita.com/shaching/items/5fe3d5df691b4ec53084.] It involves changing
the authentication method for the guacamole user back to the previous
authentication type that doesn't use SSL by default. Or, at least, that's how I
understand it. Regardless, for anyone else experiencing this problem, this
solution works to get the application back up and running.
I'd still prefer to see SSL configuration actually supported.
> Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not
> Allowed
> ---------------------------------------------------------------------------------
>
> Key: GUACAMOLE-728
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-728
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-jdbc-mysql
> Affects Versions: 1.0.0
> Reporter: David
> Priority: Major
>
> When running the guacamole docker image linked to a mysql8 docker image, I'm
> experiencing an error in the logs that says:
> {code:none}
> Fri Feb 08 04:24:15 UTC 2019 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> Fri Feb 08 04:24:15 UTC 2019 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> 04:24:15.832 [http-nio-8080-exec-7] ERROR o.a.g.rest.RESTExceptionMapper -
> Unexpected internal error:
> ### Error querying database. Cause:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public
> Key Retrieval is not allowed
> ### The error may exist in org/apache/guacamole/auth/jdbc/user/UserMapper.xml
> ### The error may involve
> org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne
> ### The error occurred while executing a query
> ### Cause:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public
> Key Retrieval is not allowed
> {code}
> I'm not sure how to get around this, but it's keeping me from using
> guacamole. :(
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
