Home » Java » java – Verify whether –require_secure_transport=ON for MySQL is working using Spring Boot-Exceptionshub

java – Verify whether –require_secure_transport=ON for MySQL is working using Spring Boot-Exceptionshub

Posted by: admin February 25, 2020 Leave a comment

Questions:

I have to enable SSL for Spring Boot + MySQL App

I have enabled SSL for MySQL and set --require_secure_transport=ON in my.cnf.


When I try to log in to MySQL using

mysql -unon_ssl_user -p -h XXX.XXX.100.158

I get

ERROR 3159 (HY000): Connections using insecure transport are prohibited while --require_secure_transport=ON.

which is correct as secure transport is forced.


I am able to login to mysql using

mysql -ussl_user -p -h XXX.XXX.100.158 --ssl-ca=ca.pem --ssl-cert=client-cert.pem --ssl-key=client-key.pem

this also correct.


When I am using non_ssl_user or ssl_user without certificates using spring boot, I am able to connect to database.

My application.properties file contains:

-----
spring.datasource.url=jdbc:mysql://XXX.XXX.100.158:3306/ssl_db
spring.datasource.username=ssl_user
spring.datasource.password=*********
-----

I think mysql should not allow user/springboot app to connect to database without certificates.


Is this the intended behaviour?

Am I missing something here?

Thank you!

How to&Answers: