You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by rs...@krf.biglobe.ne.jp on 2021/10/21 11:38:38 UTC

About using MariaDB Connector/J

Hello,

SSL connection between Guacamole and DB using MaraiDB Connector/J
Regarding, SSL connection was not enabled even if the following parameters
were set.

★/etc/guacamole/guacamole.properties
 mysql-driver: mariadb
 mysql-ssl-mode: required
 mysql-ssl-trust-store: /opt/jks/xxxx.jks
 mysql-ssl-trust-password: XXXXXXXX

I created the following files for troubleshooting. When I ran it, the SSL
connection was successful.
----------------------------------------------------------------------------
-------------------------
vim Sample.java
import java.sql.*;

public class Sample {

	public static void main(String[] args) {
		Connection conn = null;
		try {
			Class.forName("org.mariadb.jdbc.Driver");
			conn =
DriverManager.getConnection("jdbc:mysql://xxxxx:3306/xxx?user=xxxx&password=
xxxx&useSSL=true&trustStore=/opt/jks/xxx.jks&trustStorePassword=XXXXXXXX");

			Statement statement = conn.createStatement();
			ResultSet resultSet = statement.executeQuery("SELECT
count(*) FROM sample;");
			resultSet.next();
			System.out.println(resultSet.getInt(1));
			conn.close();

		} catch (Exception e) {
			e.printStackTrace();
		}
	}
}

javac Sample.java
java Sample
----------------------------------------------------------------------------
-------------------------

Using MySQL Connector/J, SSL connection was possible from Guacamole with the
same settings.
※In the above example, I deleted "Mysql-driver: mariadb" in
"guacamole.properties"

The default setting for MariaDB Connector/J seems to be useSsl = false.
https://mariadb.com/kb/en/about-mariadb-connector-j/#tls-parameters

Is there a parameter to set "useSSL = true" when connecting to SSL using
Mariadb Connector/J?
If not, do I need to change the following sources?

★MySQLAuthenticationProviderModule.java
 
guacamole-client/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-
mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLAuthenticationProvi
derModule.java

★Target location
 90        // For compatibility, set legacy useSSL property when SSL is
disabled.
 91        if (sslMode == MySQLSSLMode.DISABLED)
 92            driverProperties.setProperty("useSSL", "false");

Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org