Older Connector/J Failed to Connect to 5.7.29 - KeyUsage does not allow digital signatures
(Doc ID 2653539.1)
Last updated on APRIL 06, 2020
Applies to:MySQL Server - Version 5.7 and later
Information in this document applies to any platform.
Older version of Connector/J may connect to 5.7.27, but fail to connect to 5.7.29 under some circumstances. The stacktrace/error looks like this:
After running the java application with -Djavax.net.debug=all it is apparent that Connector/J 5.1 tries to use the following ciphers when connecting to MySQL 5.7.27 and 5.7.29 respectively:
5.7.27 is using: TLS_RSA_WITH_AES_256_CBC_SHA256 (works)
5.7.29 is using: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (fails)
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document