SSL Connection via PAM Authentication Fails over Connector/J When Using Latest Ciphers

(Doc ID 2324042.1)

Last updated on NOVEMBER 01, 2017

Applies to:

MySQL Connectors - Version 5.1 and later
Information in this document applies to any platform.

Goal

Why do I get an SSL failure when attempting to connect using Connector/J via a newer cipher type with MySQL Server?

Attempting via mysql client shows the following:

As for the server being configured to allow secured connections:
mysql> \s
--------------
mysql Ver 14.14 Distrib 5.7.18, for Win64 (x86_64)

Connection id: 630645
Current database:
Current user: myuser@myhost.example.com
SSL: Cipher in use is DHE-RSA-AES128-GCM-SHA256
Using delimiter: ;
Server version: 5.7.18-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial)
Protocol version: 10
Connection: mysql_server via TCP/IP
Server characterset: latin1
Db characterset: latin1
Client characterset: cp850
Conn. characterset: cp850
TCP port: 3306
Uptime: 6 days 1 hour 36 min 31 sec

Threads: 5 Questions: 4975151 Slow queries: 0 Opens: 2034 Flush tables: 2 Open tables: 767 Queries per second avg: 9.491
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms