Mysql数据库连接失败SSLException: Unsupported record version Unknown-0.0问题
作者:chgiser
问题描述
- mysql版本:5.7.27
- jdk版本:1.8.0_201
tomcat日志中报错,显示连接数据库失败,报错信息如下:
The last packet successfully received from the server was 152 milliseconds ago. The last packet sent successfully to the server was 147 milliseconds ago.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:981)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:164)
... 89 more
Caused by: javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
at sun.security.ssl.InputRecord.checkRecordVersion(InputRecord.java:552)
at sun.security.ssl.InputRecord.readV3Record(InputRecord.java:565)
at sun.security.ssl.InputRecord.read(InputRecord.java:529)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:149)
... 89 more
Mon Dec 09 13:15:02 CST 2019 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
2019-12-09 13:15:02,494 ERROR [com.alibaba.druid.pool.DruidDataSource] - <create connection error, url: jdbc:mysql://127.0.0.1:3306/test?useUnicode=true&zeroDateTimeBehavior=convertToNull&characterEncoding=UTF-8, errorCode 0, state 08S01>
com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
解决方法
显示配置数据库连接地址useSSL=false,如
jdbc:mysql://127.0.0.1:3306/test?useUnicode=true&zeroDateTimeBehavior=convertToNull&characterEncoding=UTF-8&useSSL=false
问题延伸
另一种比较麻烦的问题是geoserver也出现了类似连接mysql异常的问题,
报错信息如下:
ERROR [geoserver.ows] -
java.lang.RuntimeException: Error getting FeatureType, this should never happen!
at org.geoserver.wms.map.GetMapKvpRequestReader.checkStyle(GetMapKvpRequestReader.java:1218)
at org.geoserver.wms.map.GetMapKvpRequestReader.read(GetMapKvpRequestReader.java:566)
... 100 more
Caused by: java.io.IOException
at org.geoserver.catalog.ResourcePool.getDataStore(ResourcePool.java:632)
at org.geoserver.catalog.ResourcePool.getCacheableFeatureType(ResourcePool.java:916)
at org.geoserver.catalog.ResourcePool.tryGetFeatureType(ResourcePool.java:901)
at org.geoserver.catalog.ResourcePool.getFeatureType(ResourcePool.java:893)
at org.geoserver.catalog.ResourcePool.getFeatureType(ResourcePool.java:878)
... 111 more
Caused by: java.lang.RuntimeException: Unable to obtain connection: Cannot create PoolableConnectionFactory (Communications link failureThe last packet successfully received from the server was 2 milliseconds ago. The last packet sent successfully to the server was 2 milliseconds ago.)
at org.geotools.jdbc.JDBCDataStore.createConnection(JDBCDataStore.java:2186)
at org.geotools.jdbc.JDBCDataStore.createTypeNames(JDBCDataStore.java:978)
at org.geotools.data.store.ContentDataStore.getTypeNames(ContentDataStore.java:259)
at org.vfny.geoserver.util.DataStoreUtils.getDataAccess(DataStoreUtils.java:88)
at org.geoserver.catalog.ResourcePool.getDataStore(ResourcePool.java:591)
... 115 more
Caused by: org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Communications link failureThe last packet successfully received from the server was 2 milliseconds ago. The last packet sent successfully to the server was 2 milliseconds ago.)
at org.apache.commons.dbcp.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:1549)
at org.apache.commons.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1388)
at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
at org.geotools.data.jdbc.datasource.AbstractManageableDataSource.getConnection(AbstractManageableDataSource.java:41)
at org.geotools.jdbc.JDBCDataStore.createConnection(JDBCDataStore.java:2170)
... 119 more
Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failureThe last packet successfully received from the server was 2 milliseconds ago. The last packet sent successfully to the server was 2 milliseconds ago.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:425)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:990)
... 143 more
Caused by: javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
at sun.security.ssl.InputRecord.checkRecordVersion(InputRecord.java:552)
at sun.security.ssl.InputRecord.readV3Record(InputRecord.java:565)
at sun.security.ssl.InputRecord.read(InputRecord.java:529)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:186)
... 142 more
查找了geoserver中mysql插件的相关配置项,没有找到设置SSL连接的属性,在不修改geoserver源码的情况下,只能修改mysql的ssl配置来修复了,
在mysql的配置文件my.cnf中加上一行:
# disable_ssl skip_ssl
重启MySQL:
service mysqld restart
再查看SSL的开启状态:
SHOW VARIABLES LIKE '%ssl%';
看到have_ssl的值为DISABLED,表示已关闭SSL。
总结
以上为个人经验,希望能给大家一个参考,也希望大家多多支持脚本之家。