Hello It was announced about some changes: vnick Nick Couchman added a comment - 03/Mar/23 14:08 MySQL Connector/J has been updated.
However I does not see any changes. No success with 1.5.0. I see same problem. Does somebody have success with container version 1.5.0 guacamole? Alexandre On Thu, 2023-02-23 at 11:47 +0300, Alexandre Roumiantsev wrote: > Hello > > Thank you Sebastian and Sander. Now I understand the problem. > I agree with Sebastian about the 1.4.0 and 1.5.0 version differences > regarding guacamole related jdbc connections. This is a big headache for me > > Best regards, Alexandre > > On Thu, 2023-02-23 at 06:57 +0000, Sebastian Männling wrote: > > Hi, > > probably I ran into the same (or at least a similar) issue… > > > > I ended up with creating a self signed cert for the MySQL container > > and adding the self signing CA to guacamoles Java trust store… > > > > After that guacamole was able to communicate properly with the > > database. > > > > To me it looks like 1.5.0 behaves differently in regard of jdbc > > connections (not necessarily related to guacamole itself, but maybe > > some used/included library does?) > > > > Never the less, the above mentioned steps “fixed” it for me. > > > > Greetings, > > Sebastian > > > > > > On Thu, Feb 23, 2023 at 07:44, Alexandre Roumiantsev > > <r...@mail.wplus.net> wrote: > > > Hello > > > > > > Thanks Sander. You pointed me to problematic place. > > > However after adding " -e MYSQL_SSL_MODE=disabled" I get problem > > > some deeper: > > > 06:33:09.618 [http-nio-8080-exec-6] WARN > > > o.a.g.e.AuthenticationProviderFacade - The "mysql" authentication > > > provider has encountered an internal error which will halt the > > > authentication process. If this is unexpected or you are the > > > developer of this authentication provider, you may wish to enable > > > debug-level logging. If this is expected and you wish to ignore > > > such failures in the future, please set "skip-if-unavailable: > > > mysql" within your guacamole.properties. > > > 06:33:09.618 [http-nio-8080-exec-6] ERROR > > > o.a.g.rest.RESTExceptionMapper - Unexpected internal error: > > > ### Error querying database. Cause: > > > com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionExcept > > > ion: Public Key Retrieval is not allowed > > > ### The error may exist in > > > org/apache/guacamole/auth/jdbc/user/UserMapper.xml > > > ### The error may involve > > > org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne > > > ### The error occurred while executing a query > > > ### Cause: > > > com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionExcept > > > ion: Public Key Retrieval is not allowed > > > > > > Do you had same? How you avoid it? > > > > > > Thanks again, Alexandre. > > > > > > On Wed, 2023-02-22 at 21:21 +0100, Sander Kaldenhoven wrote: > > > > > > > > Hi Alexandre, > > > > > > > > Encountered the same issue today after upgrading Docker > > > > container. > > > > Downgraded to 1.4.0 got a better error message warning me for > > > > unsecured connection to MySQL. > > > > Wed Feb 22 20:50:49 CET 2023 WARN: Establishing SSL connection > > > > without server's identity verification is not recommended. > > > > According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL > > > > connection must be established by default if explicit option > > > > isn't set. For compliance with existing applications not using > > > > SSL the verifyServerCertificate property is set to 'false'. You > > > > need either to explicitly disable SSL by setting useSSL=false, > > > > or set useSSL=true and provide truststore for server > > > > certificate verification. > > > > > > > > What I did next was to include the following option for Docker > > > > container creation after finding the option mysql-ssl-mode > > > > (https://guacamole.apache.org/doc/gug/jdbc-auth.html) for > > > > guacamole. > > > > -e MYSQL_SSL_MODE=disabled > > > > > > > > After this the connection is ok again and Guacamole works > > > > again. > > > > > > > > Kind Regards, > > > > Sander. > > > > > > > > > > > > > > > > > > > > > > > >
signature.asc
Description: This is a digitally signed message part