2

Please know that I am quite new at databases. I was able to properly install mySQL and install the java connector driver. But whenever I run a program in eclipse and try to retrieve info from a database I created I get the following message: "SSL Connection required, but not supported by server". Here the code I want to run with a secure SSL connection:

`public static void main(String[] args) {

    String username = "";
    String password = "";
    String dbURL = "jdbc:mysql://localhost:3306/demo" 
                    + "?verifyServerCertificate=false"
                    + "&useSSL=false"
                    + "&requireSSL=false";


    try{
        // 1. Get a connection to database

        Connection myConn = DriverManager.getConnection(dbURL, username,    password);

        // 2. Create a statement

        Statement myStmt = myConn.createStatement();

        // 3. Execute SQL query

        ResultSet myRs = myStmt.executeQuery("select name from movies");

        // 4. Process the result set

        while(myRs.next()){
            System.out.println(myRs.getString("name") );
        }
    }
    catch(Exception exc){
        exc.printStackTrace();
    }`
Improve this question

1 Answer 1

Reset to default
4

To enable SSL connections, your MySQL distribution must be built with SSL support, as described here. In addition, the proper SSL-related options must be used to specify the appropriate certificate and key files.

To check SSL support you can use this command:

mysqld --ssl --help

To communicate with a MySQL database by using SSL and JDBC you should pass some connection propery in the JDBC URL:

String dbURL = "jdbc:mysql://localhost:3306/demo" 
    + "?verifyServerCertificate=true" 
    + "&useSSL=true"
    + "&requireSSL=true";
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Bypassing certificate verification means you might as well not be using SSL at all.
@o11c I disagree. The trafic will still be SSL encrypted.
@frankhommers yes, but encrypted using the attacker's choice of certificate, not the server's real certificate.
@o11c when not attacked, using ssl will encrypt. Not using it will make all your queries and results sniffable.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.