[
https://issues.apache.org/jira/browse/FINERACT-1455?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam Saghy closed FINERACT-1455.
--------------------------------
Resolution: Invalid
> Fineract server cannot conntect to MySQL with SSL required
> ----------------------------------------------------------
>
> Key: FINERACT-1455
> URL: https://issues.apache.org/jira/browse/FINERACT-1455
> Project: Apache Fineract
> Issue Type: Bug
> Components: Deployment
> Affects Versions: 1.5.0
> Reporter: Piotr Gwiazda
> Priority: Major
> Attachments: logs.txt
>
>
> I am trying to run Fineract with Azure Database Flexible Server for MySQL.
> This requires SSL connections.
> I am using Kubernetes deployments. Important parts of configuration below.
> I've tried adding *useSsl=true* to *fineract_tenants_url* and also creating
> *FINERACT_DEFAULT_TENANTDB_CONN_PARAMS* env variable.
> {code:java}
> apiVersion: apps/v1
> kind: Deployment
> metadata:
> name: fineract-server
> labels:
> app: fineract-server
> spec:
> selector:
> matchLabels:
> app: fineract-server
> tier: backend
> strategy:
> type: Recreate
> template:
> metadata:
> labels:
> app: fineract-server
> tier: backend
> spec:
> containers:
> - name: fineract-server
> image: apache/fineract:latest
> resources:
> limits:
> cpu: "1000m"
> memory: "1Gi"
> requests:
> cpu: "200m"
> memory: "0.5Gi"
> livenessProbe:
> httpGet:
> path: /fineract-provider/actuator/health/liveness
> port: 8080
> initialDelaySeconds: 180
> periodSeconds: 1
> readinessProbe:
> httpGet:
> path: /fineract-provider/actuator/health/readiness
> port: 8080
> initialDelaySeconds: 180
> periodSeconds: 1
> env:
> - name: DRIVERCLASS_NAME
> value: org.mariadb.jdbc.Driver
> - name: PROTOCOL
> value: jdbc
> - name: SUB_PROTOCOL
> value: mariadb
> - name: node_id
> value: '1'
> - name: fineract_tenants_driver
> value: org.mariadb.jdbc.Driver
> - name: fineract_tenants_url
> value: jdbc:mariadb://{{ .Values.mysqlhost
> }}:3306/fineract_tenants?useSsl=true
> - name: fineract_tenants_uid
> valueFrom:
> secretKeyRef:
> name: fineract-tenants-db-secret
> key: username
> - name: fineract_tenants_pwd
> valueFrom:
> secretKeyRef:
> name: fineract-tenants-db-secret
> key: password
> - name: FINERACT_DEFAULT_TENANTDB_HOSTNAME
> value: {{ .Values.mysqlhost }}
> - name: FINERACT_DEFAULT_TENANTDB_CONN_PARAMS
> value: 'useSsl=true'
> - name: FINERACT_DEFAULT_TENANTDB_PORT
> value: '3306'
> - name: FINERACT_DEFAULT_TENANTDB_UID
> valueFrom:
> secretKeyRef:
> name: fineract-tenants-db-secret
> key: username
> - name: FINERACT_DEFAULT_TENANTDB_PWD
> valueFrom:
> secretKeyRef:
> name: fineract-tenants-db-secret
> key: password
> - name: FINERACT_DEFAULT_TENANTDB_CONN_PARAMS
> value: ''
> ports:
> - containerPort: 8443
> name: fineract-server{code}
>
> Some initial connections are created correctly and FlywayDB is able to create
> tables in "fineract_tenants" database. However after that in
> *tenantDatabaseUpgradeService* there is an exception
> {{java.sql.SQLTransientConnectionException: (conn=49) Connections using
> insecure transport are prohibited while --require_secure_transport=ON }}
> Attaching full log.
> I am using MySQL 8.0.21 as Flyway was failing on 5.7 (as MySQL 5.7 is
> unsupported). I am using "latest" Docker image of Fineract.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
