MySQL – Establishing SSL connection without server’s identity verification is not recommended
Start a Spring Boot application and making a JDBC connection, hits the following warning messages on console :
Fri Feb 10 18:43:02 SGT 2017 WARN: Establishing SSL connection without server's identity verification is not recommended.
According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set.
For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'.
You need either to explicitly disable SSL by setting useSSL=false,
or set useSSL=true and provide truststore for server certificate verification.
//... repeat over and over
Here’s the connection properties :
application.properties
#mysql datasource
spring.datasource.url=jdbc:mysql://localhost/mkyong
spring.datasource.username=root
spring.datasource.password=password
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
P.S Tested with MySQL 5.7.17
Solution
To fix it, append a useSSL=false
at the end of the MySQL connection string :
application.properties
#mysql datasource
spring.datasource.url=jdbc:mysql://localhost/mkyong?useSSL=false
spring.datasource.username=root
spring.datasource.password=password
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
How about if you wanted to establish an SSL connection, how would you go about doing that?
I can’t believe how these posts are actually appreciated. Q: how do you solve a security issue? A: You IGNORE IT! Really, really clever, I must say.
Yeah, and try to find the real answer anywhere! This ‘just disable it’ non-answer is all over the internet. Does anyone know how to fix it really?
Connecting to a localhost server should not introduce security risk. Remote databases are of course a different question.
thanks, it worked perfectly.
super sir
Thank Youuuuuuuuuuuuuuuuuuuuu
thanks a lot makyong….. you saved me
nice its working for me
Keep up the good work! You `re one of the best references for java topics
Agora você vai ficar chupando o pau dele ?
Thank you so much sir. You saved me
Where i can find this application.properties?
src/main/resource
if it is not present then create one manually
YOu’ve saved me so many times!