[resolved] Create a new connection to mysql using SSL

One Star

[resolved] Create a new connection to mysql using SSL

Hello,
I need to access a mysql database secured with SSL certificates.
I have the certificates on my dektop, and I was able to access the database using Mysql Workbench.
How should I configure the mysql Db connection in the Metadata ?
I tried to do it as described in this post : , with adding something like that in the additionnal parameters :
noDatetimeStringSync=true&verifyServerCertificate=true&useSSL=true&requireSSL=true&ssl_ca=C:/Users/Desktop/SQL Dev/ca-cert.pem&ssl_key=C:/Users/Desktop/SQL Dev/client-key.pem&ssl_cert=C:/Users/Desktop/SQL Dev/client-cert.pem
But I get this error :

The last packet successfully received from the server was 45 milliseconds ago.  The last packet sent successfully to the server was 44 milliseconds ago.
      at org.talend.core.model.metadata.builder.database.JDBCDriverLoader.getConnection(JDBCDriverLoader.java:195)
      at org.talend.core.model.metadata.builder.database.ExtractMetaDataUtils.connect(ExtractMetaDataUtils.java:1092)
      at org.talend.core.model.metadata.builder.database.ExtractMetaDataFromDataBase.testConnection(ExtractMetaDataFromDataBase.java:315)
      at org.talend.metadata.managment.repository.ManagerConnection.check(ManagerConnection.java:289)
      at org.talend.repository.ui.wizards.metadata.connection.database.DatabaseForm$59.runWithCancel(DatabaseForm.java:3812)
      at org.talend.repository.ui.wizards.metadata.connection.database.DatabaseForm$59.runWithCancel(DatabaseForm.java:1)
      at org.talend.repository.ui.dialog.AProgressMonitorDialogWithCancel$1.runnableWithCancel(AProgressMonitorDialogWithCancel.java:77)
      at org.talend.repository.ui.dialog.AProgressMonitorDialogWithCancel$ARunnableWithProgressCancel$1.call(AProgressMonitorDialogWithCancel.java:161)
      at java.util.concurrent.FutureTask.run(Unknown Source)
      at java.lang.Thread.run(Unknown Source)
  Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
  
  The last packet successfully received from the server was 45 milliseconds ago.  The last packet sent successfully to the server was 44 milliseconds ago.
      at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
      at java.lang.reflect.Constructor.newInstance(Unknown Source)
      at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
      at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1127)
      at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:104)
      at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:5285)
      at com.mysql.jdbc.MysqlIO.proceedHandshakeWithPluggableAuthentication(MysqlIO.java:1720)
      at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1288)
      at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2506)
      at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2539)
      at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2321)
      at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:832)
      at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:46)
      at sun.reflect.GeneratedConstructorAccessor68.newInstance(Unknown Source)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
      at java.lang.reflect.Constructor.newInstance(Unknown Source)
      at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
      at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:417)
      at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:344)
      at org.talend.core.model.metadata.builder.database.DriverShim.connect(DriverShim.java:41)
      at org.talend.core.model.metadata.builder.database.JDBCDriverLoader.getConnection(JDBCDriverLoader.java:186)
      ... 9 more
  Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.ssl.Alerts.getSSLException(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
      at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
      at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
      at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
      at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
      at sun.security.ssl.Handshaker.processLoop(Unknown Source)
      at sun.security.ssl.Handshaker.process_record(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
      at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:89)
      ... 25 more
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
      at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
      at sun.security.validator.Validator.validate(Unknown Source)
      at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
      at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
      at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
      ... 34 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
      at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
      at java.security.cert.CertPathBuilder.build(Unknown Source)
      ... 40 more


I wasn't able to find anything in the Talend documentation or in the help section...
Thank you,
Nicolas

Accepted Solutions
One Star

Re: [resolved] Create a new connection to mysql using SSL

I got it :
https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html
The additional parameters only need the useSSL=true option. And the java keystore must be updated as described in the url above.
Nicolas

All Replies
One Star

Re: [resolved] Create a new connection to mysql using SSL

I got it :
https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html
The additional parameters only need the useSSL=true option. And the java keystore must be updated as described in the url above.
Nicolas

Calling Talend Open Studio Users

The first 100 community members completing the Open Studio survey win a $10 gift voucher.

Start the survey

2019 GARNER MAGIC QUADRANT FOR DATA INTEGRATION TOOL

Talend named a Leader.

Get your copy

OPEN STUDIO FOR DATA INTEGRATION

Kickstart your first data integration and ETL projects.

Download now

What’s New for Talend Summer ’19

Watch the recorded webinar!

Watch Now

Best Practices for Using Context Variables with Talend – Part 4

Pick up some tips and tricks with Context Variables

Blog

How Media Organizations Achieved Success with Data Integration

Learn how media organizations have achieved success with Data Integration

Read

6 Ways to Start Utilizing Machine Learning with Amazon We Services and Talend

Look at6 ways to start utilizing Machine Learning with Amazon We Services and Talend

Blog