Skip to content

Warning from MySQL about SSL connection #420

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
php-coder opened this issue Jul 25, 2016 · 6 comments
Closed

Warning from MySQL about SSL connection #420

php-coder opened this issue Jul 25, 2016 · 6 comments
Assignees
@php-coder
Labels
area/infrastructure environment/prod Issue affects only production environment impact/deploy Manual actions will be required during deployment trivial
Milestone
0.4

Comments

@php-coder
Copy link
Owner

php-coder commented Jul 25, 2016
edited
Loading

Appears in log (after #399) during mystamps service startup:

Tue Jul 26 01:03:42 MSK 2016 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must
be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disa
ble SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Tue Jul 26 01:03:42 MSK 2016 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must
be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disa
ble SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
@php-coder php-coder added area/infrastructure environment/prod Issue affects only production environment labels Jul 25, 2016
@php-coder
Copy link
Owner Author

php-coder commented Jul 25, 2016
edited
Loading

I found it in /var/log/mystamps/mystamps.log and looks like this message was printed with non-standard logger (maybe JUL?).

@php-coder php-coder added this to the next milestone Jul 29, 2016
@php-coder
Copy link
Owner Author

@cssru Could you investigate it? First I need to understand why it happens and what are the possible solutions? Just post result of your investigation here as a comment and later we decided what to do with this issue.

@cssru
Copy link
Contributor

cssru commented Aug 29, 2016

How did you secure mysql server connections?

@cssru
Copy link
Contributor

cssru commented Aug 29, 2016

Notice that if you don't use SSL for MySQL connections you should use link like this:
jdbc:mysql://localhost:3306/mystamps?verifyServerCertificate=false&useSSL=false&requireSSL=false
instead of
jdbc:mysql://localhost:3306/mystamps.
Otherwise if you do, read this: http://stackoverflow.com/questions/14265115/configure-spring-to-connect-to-mysql-over-ssl.

@php-coder
Copy link
Owner Author

I don't secure connection somehow. See the application-prod.properties or/and application-travis.properties

@cssru
Copy link
Contributor

cssru commented Aug 29, 2016

So use my previous comment to avoid this warning.

@php-coder php-coder self-assigned this Sep 30, 2016
@php-coder php-coder added trivial impact/deploy Manual actions will be required during deployment labels Sep 30, 2016
php-coder added a commit that referenced this issue Sep 30, 2016
@php-coder
Configure MySQL connector to log messages in slf4j.
581f592 
See also: http://stackoverflow.com/questions/10903206/enabling-mysql-general-query-log-with-jdbc

Related to #420
@php-coder php-coder modified the milestones: 0.4, next Sep 30, 2016
php-coder added a commit that referenced this issue Sep 30, 2016
@php-coder
application-prod.properties: sync Vagrant's version of the configurat…
d5adc47 
…ion.

Should be in 581f592,
423f0da and
e9473ae commits.

Addressed to #420

[ci skip]
cssru pushed a commit to cssru/mystamps that referenced this issue Oct 5, 2016
@php-coder @cssru
Configure MySQL connector to log messages in slf4j.
1136d78 
See also: http://stackoverflow.com/questions/10903206/enabling-mysql-general-query-log-with-jdbc

Related to php-coder#420
cssru pushed a commit to cssru/mystamps that referenced this issue Oct 5, 2016
@php-coder @cssru
Configure MySQL connector to not try to use SSL.
19b7247 
This removes the following warning from the logs:

WARN: Establishing SSL connection without server's identity verification is not recommended.
According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by
default if explicit option isn't set. For compliance with existing applications not using SSL the
verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by
setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.

Fix php-coder#420
cssru pushed a commit to cssru/mystamps that referenced this issue Oct 5, 2016
@php-coder @cssru
application-prod.properties: sync Vagrant's version of the configurat…
0f05ecc 
…ion.

Should be in 581f592,
423f0da and
e9473ae commits.

Addressed to php-coder#420

[ci skip]
bodom91 pushed a commit to bodom91/mystamps that referenced this issue Aug 2, 2017
@php-coder @bodom91
Configure MySQL connector to log messages in slf4j.
c9e9f6b 
See also: http://stackoverflow.com/questions/10903206/enabling-mysql-general-query-log-with-jdbc

Related to php-coder#420
bodom91 pushed a commit to bodom91/mystamps that referenced this issue Aug 2, 2017
@php-coder @bodom91
Configure MySQL connector to not try to use SSL.
3e9ba2b 
This removes the following warning from the logs:

WARN: Establishing SSL connection without server's identity verification is not recommended.
According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by
default if explicit option isn't set. For compliance with existing applications not using SSL the
verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by
setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.

Fix php-coder#420
bodom91 pushed a commit to bodom91/mystamps that referenced this issue Aug 2, 2017
@php-coder @bodom91
application-prod.properties: sync Vagrant's version of the configurat…
26bab71 
…ion.

Should be in 581f592,
423f0da and
e9473ae commits.

Addressed to php-coder#420

[ci skip]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@php-coder php-coder

Labels
area/infrastructure environment/prod Issue affects only production environment impact/deploy Manual actions will be required during deployment trivial
Projects
None yet
Milestone
0.4
Development

No branches or pull requests
2 participants
@php-coder @cssru