I am trying to connect to a running and working MariaDB 10.1 database. Users in this database are defined using `REQUIRE X509` which means they need to send a signed certificate keypair which is getting validated against available CA.
Accessing database via console works as expected:
> mysql Ver 15.1 Distrib 10.1.44-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
-h myhost \
-P 3316 \
-u myuser \
Accessing database via MySQL Workbench also works as expected. It complains about not finding a regular MySQL database (as usual), but works.
We also have some applications written in Golang making use of that database and things work just like a charm.
Trying to access the database via MariaDB datasource in Datagrip just does not work in any way. The result is the common error message "Access denied for user ...". There is also no difference when switching between SSL modes "Require", "Verify CA" or "Full Verification".
The interesting thing is, that MariaDB users which have been generated via only `REQUIRE SSL` work as expected (no validation against CA). In the docs there is written, that a possible downgrade to older drivers may work in case SSL does not work directly.
The Datagrip provided MariaDB drivers are by default 2.4.1 and 2.2.1. I have the same effect on both drivers. After that I tried to integrate the latest available MariaDB connector which is version 2.6.0. Also same effect.
Can anybody help me out?
Can not connect to MariaDB database via SSL with users configured as `REQUIRED X509`.