Problem with SSL when connecting to MySQL

Navigation
1

Every time I connect to the Database or try to execute a query, I get the following error in console: 

Sat Sep 10 17:38:48 BOT 2016 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.

The following is my class to connect and at the same time disconnect to MySQL : 

package comm.estudiante.dao.mysql;


import comm.estudiante.dao.mysql.interfaces.DBConnection;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class MySQLDBConnection implements DBConnection {

String host = "localhost";
String port = "3306";
String db = "itla";
String table = "notas";
String user = "root";
String pass = "itla";
String url = "jdbc:mysql://" + host + ":" + port + "/" + db + "?user="
        + user + "&password=" + pass;
Connection con;
Statement stmnt;
ResultSet rs;

public Connection conectar() throws SQLException {
    return DriverManager.getConnection(url);
}

@Override
public void desconectar(Connection con) {
    if (con != null) {
        try {
            con.close();
        } catch (SQLException ex) {
        }
    }
}

The problem is that it is SSL but I do not know how to solve it.

    
asked by David Calderon 10.09.2016 в 23:43
source

1 answer

2

First of all, it's not a mistake, it's a warning (translation of WARN ), so it is not vital for your application to stop working, but it is recommended to solve it for environments such as production. Second, the message describes how to solve it (emphasis mine):

  

WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option is not set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL = false , or set useSSL = true and provide truststore for server certificate verification.

Translated into Spanish (translation and emphasis mine):

  

WARNING: It is not recommended to establish an SSL connection without verification of server identity. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+, SSL connection requirements must be established by default if the option is not explicitly set. For compliance with existing applications that do not use SSL, the verifyServerCertificate property (verify server certificate) is set to 'false'. You need either to disable SSL explicitly with the configuration useSSL = false , or to put useSSL = true and provide a trusted store for verification of the server certificate.

In summary, add the useSSL=false property in your connection string, in the final part where the additional arguments for the database connection go: 

String url = "jdbc:mysql://" + host + ":" + port + "/" + db + "?user=" + user + "&password=" + pass + "&useSSL=false";

Out of this, your MySQL connection url should not have the user and password parameters, these should pass as part of the getConnection method. Additionally, the code showing the allocation of String url greatly complicates its reading and maintenance. I offer you this alternative to improve readability: 

//el puerto debe ser un número, no una cadena
//String port = "3306";
int port = 3306;

String url = String.format("jdbc:mysql://%s:%d/%s?useSSL=false", host, port, db);

public Connection conectar() throws SQLException {
    return DriverManager.getConnection(url, user, password);
}
    
answered by 11.09.2016 / 09:40
source
How to make a LIMIT in Laravel? Global javascript variables