Unable to connect using SSL (CA file) with MySQL Connector/J ver. 5.1.44

Completed

Workaround:

https://youtrack.jetbrains.com/issue/DBE-2273#focus=streamItem-27-3540670.0-0

Workaround1:

See https://youtrack.jetbrains.com/issue/DBE-5439#focus=streamItem-27-3352630.0-0

Workaround2:
See https://youtrack.jetbrains.com/issue/DBE-5439 for a workaround. In general, one needs to rollback to 5.1.40 driver.

I connect to an Amazon Web Services MySQL RDS instance using SSL with the CA file provided at http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html (rds-downloads/rds-combined-ca-bundle.pem)

The other day I saw in my connection the option to update the MySQL driver, and since doing so I have been unable to connect using the SSL option. However, I can connect when not using SSL.

I have managed to get SSL to work again by switching from "MySQL Connector/J ver. 5.1.44" to "MySQL Connector/J ver. 5.1.40" found under Data Sources and Drivers > Drivers > MySQL > Driver Files.

So it seems there may be a problem with the MySQL Connector/J ver. 5.1.44 driver.

6
9 comments

I was running into this same problem! It was driving me insane. Thanks so much for the help!!!

0

We've found the same to be true for 5.1.45 driver. Hope they get this resolved moving forward!

0

Thank you! Yes we had the same problem. Reverting to 5.1.40 resolved it for now.

1

Same issue, suddenly couldn't connect anymore with DataGrip to my RDS server. Fixed by switching to 5.1.40 by clicking on the driver and selecting another version

 

1

Had the same issue in PyCharm, reverting back to MySQL Connector/J ver. 5.1.40 does help - not sure why that happens. 

0

Yup. Rolling back to 5.1.40 was the key. I was starting to question my abilities....

1

Connector/J can encrypt all data communicated between the JDBC driver and the server (except for the initial handshake) using SSL. There is a performance penalty for enabling connection encryption, the severity of which depends on multiple factors including (but not limited to) the size of the query, the amount of data returned, the server hardware, the SSL library used, the network bandwidth, and so on.

The system works through two Java keystore files: one file contains the certificate information for the server (truststorein the examples below), and another contains the keys and certificate for the client (keystore in the examples below). All Java keystore files are protected by the password supplied to the keytool when you created the files. You need the file names and the associated passwords to create an SSL connection For more information visit: https://bit.ly/2OUHlbu

0

The underlying issue is fixed in DataGrip 2019.3 EAP. Feel free to use the latest JDBC driver and set up proper SSL settings

0

I installed DataGrip today and it failed to connect to Google Cloud SQL until I selected version 5.1.40 of the MySQL driver. So maybe something is fixed and something else still isn't?

 

DataGrip 2019.3.3
Build #DB-193.6494.42, built on February 12, 2020
Licensed to Activout AB / David Eriksson
Subscription is active until July 25, 2020
Runtime version: 11.0.5+10-b520.38 amd64
VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o
Linux 5.1.10-050110-generic
GC: ParNew, ConcurrentMarkSweep
Memory: 725M
Cores: 8
Registry:
Non-Bundled Plugins:

 

0

Please sign in to leave a comment.