[
https://issues.apache.org/jira/browse/GUACAMOLE-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16764337#comment-16764337
]
David edited comment on GUACAMOLE-728 at 2/10/19 8:11 AM:
----------------------------------------------------------
For what it's worth, I figured out a workaround for this in the meantime at
[https://qiita.com/shaching/items/5fe3d5df691b4ec53084.] It involves changing
the authentication method for the guacamole user back to the previous
authentication type that doesn't use SSL by default. Or, at least, that's how I
understand it. Regardless, for anyone else experiencing this problem, this
solution works to get the application back up and running.
This example changes the authentication for the root user. Don't do that. Just
change the authentication on your guacamole user.
I'd still prefer to see SSL configuration actually supported.
was (Author: damccull):
For what it's worth, I figured out a workaround for this in the meantime at
[https://qiita.com/shaching/items/5fe3d5df691b4ec53084.] It involves changing
the authentication method for the guacamole user back to the previous
authentication type that doesn't use SSL by default. Or, at least, that's how I
understand it. Regardless, for anyone else experiencing this problem, this
solution works to get the application back up and running.
I'd still prefer to see SSL configuration actually supported.
> Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not
> Allowed
> ---------------------------------------------------------------------------------
>
> Key: GUACAMOLE-728
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-728
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-jdbc-mysql
> Affects Versions: 1.0.0
> Reporter: David
> Priority: Major
>
> When running the guacamole docker image linked to a mysql8 docker image, I'm
> experiencing an error in the logs that says:
> {code:none}
> Fri Feb 08 04:24:15 UTC 2019 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> Fri Feb 08 04:24:15 UTC 2019 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> 04:24:15.832 [http-nio-8080-exec-7] ERROR o.a.g.rest.RESTExceptionMapper -
> Unexpected internal error:
> ### Error querying database. Cause:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public
> Key Retrieval is not allowed
> ### The error may exist in org/apache/guacamole/auth/jdbc/user/UserMapper.xml
> ### The error may involve
> org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne
> ### The error occurred while executing a query
> ### Cause:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public
> Key Retrieval is not allowed
> {code}
> I'm not sure how to get around this, but it's keeping me from using
> guacamole. :(
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
