Description:
Using Connector/J 8.0.12 to connect to a 5.7.19 database, with "useSSL=false" in the connection params, we're getting spammed with messages like this:
Wed Aug 15 18:07:49 EDT 2018 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Here's our Java code for the connection string:
String connectionString
= "jdbc:mysql://" + connectionArgs.getDbServer() + ":" + connectionArgs.getDbPort()
+ "/" + connectionArgs.getDbName()
// If connection times out waiting for response from server, reconnect. Required for
// long-running queries.
+ "?autoReconnect=true"
+ "&socketTimeout=3600&connectTimeout=3600"
+ "&serverTimezone=UTC"
+ "&user=" + connectionArgs.getDbUser()
+ "&password=" + connectionArgs.getDbPassword()
// Standard useSSl value for our MySQL connections.
+ "&useSSL=false";
I've tried useSSL at the beginning and at the end.
The message itself says one way to resolve the situation is to explicitly disable SSL by setting useSSL=false - which we have done.
This was not a problem with 5.x versions that we have used previously.
How to repeat:
We're instantiating the connection like this:
String connectionString
= "jdbc:mysql://" + connectionArgs.getDbServer() + ":" + connectionArgs.getDbPort()
+ "/" + connectionArgs.getDbName()
// If connection times out waiting for response from server, reconnect. Required for
// long-running queries.
+ "?autoReconnect=true"
+ "&socketTimeout=3600&connectTimeout=3600"
+ "&serverTimezone=UTC"
+ "&user=" + connectionArgs.getDbUser()
+ "&password=" + connectionArgs.getDbPassword()
// Standard useSSl value for our MySQL connections.
+ "&useSSL=false";
try {
connectionArgs.setConn(DriverManager.getConnection(connectionString));
MysqlDataSource dataSource = new MysqlDataSource();
dataSource.setServerName(connectionArgs.getDbServer());
dataSource.setUser(connectionArgs.getDbUser());
dataSource.setPassword(connectionArgs.getDbPassword());
dataSource.setDatabaseName(connectionArgs.getDbName());
dataSource.setPort(Integer.valueOf(connectionArgs.getDbPort()));
dataSource.setServerTimezone("UTC");
connectionArgs.setDataSource(dataSource);
connectionArgs.setJdbcTemplate(new JdbcTemplate(connectionArgs.getDataSource()));
then using jdbctemplate for accessing the DB. Each query we execute generates another one of these warnings.