Menu
I've recently upgraded my local machine OS from Ubuntu 18.04 to 20.04, I'm running my MySQL-server on CentOS (AWS). Post upgrade whenever I'm trying to connect to MySQL server it is throwing SSL connection error.
$ mysql -u yamcha -h database.yourproject.com -p --port 3309 ERROR 2026 (HY000): SSL connection error: error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol But if I pass --ssl-mode=disabled option along with it, I'm able to connect remotely.
$ mysql -u yamcha -h database.yourproject.com -p --port 3309 --ssl-mode=disabled Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 22158946 Server version: 5.7.26 MySQL Community Server (GPL) Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> Queries:
- How to connect without passing
--ssl-mode=disabled- How to pass this
--ssl-mode=disabledoption in my Django application, currently I've defined it as shown below, but I'm still getting the same error.
DATABASES = { 'default': { 'ENGINE': 'django.db.backends.mysql', 'NAME': 'yamcha', 'USER': 'yamcha', 'PASSWORD': 'xxxxxxxxxxxxxxx', 'HOST': 'database.yourproject.com', 'PORT': '3309', 'OPTIONS': {'ssl': False}, } 
251
right-click on the particular MySQL instance and select "Edit Connection" Select the "SSL" tab under Connection Method. Select the drop-down for the "Use SSL" and choose "If Available" instead of "Required". Click the "Test Connection" button at the lower right connection to make sure you can now connect without errors ...
11 and is removed in MySQL 8.0. For client programs, use --ssl-mode instead: Use --ssl-mode=REQUIRED instead of --ssl=1 or --enable-ssl . Use --ssl-mode=DISABLED instead of --ssl=0 , --skip-ssl , or --disable-ssl .
Run the following query to check the SSL status in MySQL: SHOW GLOBAL VARIABLES LIKE '%ssl%'; STATUS; Note: You do not need to use capital letters. The example uses them to differentiate command syntax from what you're querying.
Ubuntu 20 has improved the security level. The only way i could connect whas allowing the tls 1 .
Edit this file:
/usr/lib/ssl/openssl.cnf And put at the beginning of file:
openssl_conf = default_conf And in the end of that file too:
[ default_conf ] ssl_conf = ssl_sect [ssl_sect] system_default = ssl_default_sect [ssl_default_sect] MinProtocol = TLSv1 CipherString = DEFAULT:@SECLEVEL=1 It help me a lot: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level
146
For anyone googling, you can use this flag in mysql cmd: --ssl-mode=DISABLED. I.E:
mysql -uuser -p'myPassw0rd!' -hmysql.company.com --ssl-mode=DISABLED If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
