Hi, probably I ran into the same (or at least a similar) issue… I ended up with creating a self signed cert for the MySQL container and adding the self signing CA to guacamoles Java trust store…
After that guacamole was able to communicate properly with the database. To me it looks like 1.5.0 behaves differently in regard of jdbc connections (not necessarily related to guacamole itself, but maybe some used/included library does?) Never the less, the above mentioned steps “fixed” it for me. Greetings, Sebastian On Thu, Feb 23, 2023 at 07:44, Alexandre Roumiantsev <[email protected]> wrote: > Hello > > Thanks Sander. You pointed me to problematic place. > However after adding " -e MYSQL_SSL_MODE=disabled" I get problem some deeper: > 06:33:09.618 [http-nio-8080-exec-6] WARN o.a.g.e.AuthenticationProviderFacade > - The "mysql" authentication provider has encountered an internal error which > will halt the authentication process. If this is unexpected or you are the > developer of this authentication provider, you may wish to enable debug-level > logging. If this is expected and you wish to ignore such failures in the > future, please set "skip-if-unavailable: mysql" within your > guacamole.properties. > 06:33:09.618 [http-nio-8080-exec-6] ERROR o.a.g.rest.RESTExceptionMapper - > Unexpected internal error: > ### Error querying database. Cause: > com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public > Key Retrieval is not allowed > ### The error may exist in org/apache/guacamole/auth/jdbc/user/UserMapper.xml > ### The error may involve > org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne > ### The error occurred while executing a query > ### Cause: > com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Public > Key Retrieval is not allowed > > Do you had same? How you avoid it? > > Thanks again, Alexandre. > > On Wed, 2023-02-22 at 21:21 +0100, Sander Kaldenhoven wrote: > >> Hi Alexandre, >> >> Encountered the same issue today after upgrading Docker container. >> Downgraded to 1.4.0 got a better error message warning me for unsecured >> connection to MySQL. >> >> Wed Feb 22 20:50:49 CET 2023 WARN: Establishing SSL connection without >> server's identity verification is not recommended. According to MySQL >> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established >> by default if explicit option isn't set. For compliance with existing >> applications not using SSL the verifyServerCertificate property is set to >> 'false'. You need either to explicitly disable SSL by setting useSSL=false, >> or set useSSL=true and provide truststore for server certificate >> verification. >> >> What I did next was to include the following option for Docker container >> creation after finding the option mysql-ssl-mode >> (https://guacamole.apache.org/doc/gug/jdbc-auth.html) for guacamole. >> -e MYSQL_SSL_MODE=disabled >> >> After this the connection is ok again and Guacamole works again. >> >> Kind Regards, >> Sander.
