Enable SSL in Apache guacamole running under docker using the default guacamole images.

Thu, 05 Mar 2020 17:40:01 -0800 

Background
Apache guacamole running under docker using the default guacamole images.
External Microsoft Azure-managed MySQL database.
Azure by default requires SSL connections to the managed db service.
This can be disabled but that is not an option for this environment.
Settings
Docker-compose.yml has the following section:

 environment:
      - "GUACD_HOSTNAME=127.0.0.1"
      - "GUACD_PORT=4822"
      - "MYSQL_PORT=3306"
      - "MYSQL_DATABASE=guacamole"
      - "GUACAMOLE_HOME=/data"
      - "MYSQL_USER=******************"
      - "MYSQL_PASSWORD=******************"
      - "MYSQL_HOSTNAME=******************"
Issue
With it enabled in Azure I get the following:

guacamole    | 09:34:53.998 [http-nio-8080-exec-5] WARN
 o.a.g.e.AuthenticationProviderFacade - The "mysql" authentication provider
has encountered an internal error which will halt the authentication
process. If this is unexpected or you are the developer of this
authentication provider, you may wish to enable debug-level logging. If
this is expected and you wish to ignore such failures in the future, please
set "skip-if-unavailable: mysql" within your guacamole.properties.
guacamole    | 09:34:53.999 [http-nio-8080-exec-5] ERROR
o.a.g.rest.RESTExceptionMapper - Unexpected internal error:
guacamole    | ### Error querying database.  Cause: java.sql.SQLException:
SSL connection is required. Please specify SSL options and retry.
guacamole    | ### The error may exist in
org/apache/guacamole/auth/jdbc/user/UserMapper.xml
guacamole    | ### The error may involve
org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne
guacamole    | ### The error occurred while executing a query
guacamole    | ### Cause: java.sql.SQLException: SSL connection is
required. Please specify SSL options and retry.
I know that (outside of docker) if i do a mysql client command line
connection I can use the option --ssl and then everything connects ok.

But as i’m very new to docker I’m stumped as to how to set that option in
my docker-compose file.

And my google fu has failed me and is taking me down rabbit holes about TLS
access to the docker containers or setting https for websites.

How do I enable the mysql connection to use ssl in my docker-compose.yml?
Regards
Marcus

Reply via email to