Following Upgrade From JDBC Driver 5.1.41 To 5.1.43 Bad Handshake Errors Began To Occur.
Last updated on JANUARY 18, 2018
Applies to:MySQL Connectors - Version 5.1 and later
Information in this document applies to any platform.
May also receive the WARNING:
"Mon Oct 09 09:54:08 CDT 2017 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification."
The WARNING Doesn't cause the problem, it reports SSL connection is established without server certificate verification. The SSL connection without Server Certificate Verification is not recommended. To avoid this warning user needs to provide truststore to c/J.
The server certificate validation process was corrected on Connector J 5.1.43, so the problem MAY be caused by the default JVM "truststore" isn't available. The JVM "truststore" may not contain correct CA for server certificate or a miss-configuration.
As soon as upgrading our production system from MySQL JDBC driver 5.1.41 to MySQL JDBC driver 5.1.43 “Bad Handshake” errors began to occur. The problem is occurring with connections opened by the JREPORT reporting tool.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms