[resolved] Create a new connection to mysql using SSL

Highlighted
One Star

[resolved] Create a new connection to mysql using SSL

Hello,
I need to access a mysql database secured with SSL certificates.
I have the certificates on my dektop, and I was able to access the database using Mysql Workbench.
How should I configure the mysql Db connection in the Metadata ?
I tried to do it as described in this post : , with adding something like that in the additionnal parameters :
noDatetimeStringSync=true&verifyServerCertificate=true&useSSL=true&requireSSL=true&ssl_ca=C:/Users/Desktop/SQL Dev/ca-cert.pem&ssl_key=C:/Users/Desktop/SQL Dev/client-key.pem&ssl_cert=C:/Users/Desktop/SQL Dev/client-cert.pem
But I get this error :

The last packet successfully received from the server was 45 milliseconds ago.  The last packet sent successfully to the server was 44 milliseconds ago.
      at org.talend.core.model.metadata.builder.database.JDBCDriverLoader.getConnection(JDBCDriverLoader.java:195)
      at org.talend.core.model.metadata.builder.database.ExtractMetaDataUtils.connect(ExtractMetaDataUtils.java:1092)
      at org.talend.core.model.metadata.builder.database.ExtractMetaDataFromDataBase.testConnection(ExtractMetaDataFromDataBase.java:315)
      at org.talend.metadata.managment.repository.ManagerConnection.check(ManagerConnection.java:289)
      at org.talend.repository.ui.wizards.metadata.connection.database.DatabaseForm$59.runWithCancel(DatabaseForm.java:3812)
      at org.talend.repository.ui.wizards.metadata.connection.database.DatabaseForm$59.runWithCancel(DatabaseForm.java:1)
      at org.talend.repository.ui.dialog.AProgressMonitorDialogWithCancel$1.runnableWithCancel(AProgressMonitorDialogWithCancel.java:77)
      at org.talend.repository.ui.dialog.AProgressMonitorDialogWithCancel$ARunnableWithProgressCancel$1.call(AProgressMonitorDialogWithCancel.java:161)
      at java.util.concurrent.FutureTask.run(Unknown Source)
      at java.lang.Thread.run(Unknown Source)
  Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
  
  The last packet successfully received from the server was 45 milliseconds ago.  The last packet sent successfully to the server was 44 milliseconds ago.
      at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
      at java.lang.reflect.Constructor.newInstance(Unknown Source)
      at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
      at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1127)
      at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:104)
      at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:5285)
      at com.mysql.jdbc.MysqlIO.proceedHandshakeWithPluggableAuthentication(MysqlIO.java:1720)
      at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1288)
      at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2506)
      at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2539)
      at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2321)
      at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:832)
      at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:46)
      at sun.reflect.GeneratedConstructorAccessor68.newInstance(Unknown Source)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
      at java.lang.reflect.Constructor.newInstance(Unknown Source)
      at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
      at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:417)
      at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:344)
      at org.talend.core.model.metadata.builder.database.DriverShim.connect(DriverShim.java:41)
      at org.talend.core.model.metadata.builder.database.JDBCDriverLoader.getConnection(JDBCDriverLoader.java:186)
      ... 9 more
  Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.ssl.Alerts.getSSLException(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
      at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
      at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
      at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
      at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
      at sun.security.ssl.Handshaker.processLoop(Unknown Source)
      at sun.security.ssl.Handshaker.process_record(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
      at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:89)
      ... 25 more
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
      at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
      at sun.security.validator.Validator.validate(Unknown Source)
      at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
      at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
      at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
      ... 34 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
      at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
      at java.security.cert.CertPathBuilder.build(Unknown Source)
      ... 40 more


I wasn't able to find anything in the Talend documentation or in the help section...
Thank you,
Nicolas

Accepted Solutions
One Star

Re: [resolved] Create a new connection to mysql using SSL

I got it :
https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html
The additional parameters only need the useSSL=true option. And the java keystore must be updated as described in the url above.
Nicolas

All Replies
One Star

Re: [resolved] Create a new connection to mysql using SSL

I got it :
https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html
The additional parameters only need the useSSL=true option. And the java keystore must be updated as described in the url above.
Nicolas

What’s New for Talend Spring ’19

Watch the recorded webinar!

Watch Now

Tutorial

Introduction to Talend Open Studio for Data Integration.

Watch

Downloads and Trials

Test drive Talend's enterprise products.

Downloads

Definitive Guide to Data Integration

Practical steps to developing your data integration strategy.

Download