Hello Thank you Sebastian and Sander. Now I understand the problem. I agree with Sebastian about the 1.4.0 and 1.5.0 version differences regarding guacamole related jdbc connections. This is a big headache for me
Best regards, Alexandre On Thu, 2023-02-23 at 06:57 +0000, Sebastian Männling wrote: > Hi, > probably I ran into the same (or at least a similar) issue… > > I ended up with creating a self signed cert for the MySQL container > and adding the self signing CA to guacamoles Java trust store… > > After that guacamole was able to communicate properly with the > database. > > To me it looks like 1.5.0 behaves differently in regard of jdbc > connections (not necessarily related to guacamole itself, but maybe > some used/included library does?) > > Never the less, the above mentioned steps “fixed” it for me. > > Greetings, > Sebastian > > > On Thu, Feb 23, 2023 at 07:44, Alexandre Roumiantsev > <[email protected]> wrote: > > Hello > > > > Thanks Sander. You pointed me to problematic place. > > However after adding " -e MYSQL_SSL_MODE=disabled" I get problem > > some deeper: > > 06:33:09.618 [http-nio-8080-exec-6] WARN > > o.a.g.e.AuthenticationProviderFacade - The "mysql" authentication > > provider has encountered an internal error which will halt the > > authentication process. If this is unexpected or you are the > > developer of this authentication provider, you may wish to enable > > debug-level logging. If this is expected and you wish to ignore > > such failures in the future, please set "skip-if-unavailable: > > mysql" within your guacamole.properties. > > 06:33:09.618 [http-nio-8080-exec-6] ERROR > > o.a.g.rest.RESTExceptionMapper - Unexpected internal error: > > ### Error querying database. Cause: > > com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionExceptio > > n: Public Key Retrieval is not allowed > > ### The error may exist in > > org/apache/guacamole/auth/jdbc/user/UserMapper.xml > > ### The error may involve > > org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne > > ### The error occurred while executing a query > > ### Cause: > > com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionExceptio > > n: Public Key Retrieval is not allowed > > > > Do you had same? How you avoid it? > > > > Thanks again, Alexandre. > > > > On Wed, 2023-02-22 at 21:21 +0100, Sander Kaldenhoven wrote: > > > > > > Hi Alexandre, > > > > > > Encountered the same issue today after upgrading Docker > > > container. > > > Downgraded to 1.4.0 got a better error message warning me for > > > unsecured connection to MySQL. > > > Wed Feb 22 20:50:49 CET 2023 WARN: Establishing SSL connection > > > without server's identity verification is not recommended. > > > According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL > > > connection must be established by default if explicit option > > > isn't set. For compliance with existing applications not using > > > SSL the verifyServerCertificate property is set to 'false'. You > > > need either to explicitly disable SSL by setting useSSL=false, or > > > set useSSL=true and provide truststore for server certificate > > > verification. > > > > > > What I did next was to include the following option for Docker > > > container creation after finding the option mysql-ssl-mode > > > (https://guacamole.apache.org/doc/gug/jdbc-auth.html) for > > > guacamole. > > > -e MYSQL_SSL_MODE=disabled > > > > > > After this the connection is ok again and Guacamole works again. > > > > > > Kind Regards, > > > Sander. > > > > > > > > > > > > > > > > >
signature.asc
Description: This is a digitally signed message part
