How to Deal with Connector/J Error "Establishing SSL connection without server's identity verification is not recommended"
(Doc ID 2326378.1)
Last updated on MARCH 02, 2020
Applies to:MySQL Connectors - Version 5.1 and later
Information in this document applies to any platform.
May also receive the WARNING:
"Mon Oct 09 09:54:08 CDT 2017 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification."
The WARNING Doesn't cause the problem, it reports SSL connection is established without server certificate verification. The SSL connection without Server Certificate Verification is not recommended. To avoid this warning user needs to provide truststore to c/J.
The server certificate validation process was corrected on Connector J 5.1.43, so the problem MAY be caused by the default JVM "truststore" isn't available. The JVM "truststore" may not contain correct CA for server certificate or a miss-configuration.
How to deal with error reported by Connector/J:
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document