weixin_39738251
weixin_39738251
2020-12-09 09:02

Add troubleshooting help for "SSL connection error: unknown error number"

Re: Accessing MySQL Databases

Priority (Low‚ Medium‚ High): High

Issue Description:

When connecting to a MySQL server, you may encounter this error — "SSL connection error: unknown error number". This may be due to TLS versions or local CA certs.

Suggested Resolution

  • Add links or instructions for how to update your local cert.
  • Guide for doing this w/ MySQL Workbench: https://dev.mysql.com/doc/workbench/en/wb-mysql-connections-ssl-wizard.html

(Edit: noting there are a few different things that may cause this. still researching.)

Internal ref: https://pantheon.slack.com/archives/C03SRV7HB/p1529363538000186

该提问来源于开源项目:pantheon-systems/documentation

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

8条回答

  • weixin_39738251 weixin_39738251 5月前

    I don't think we want to officially recommend they bypass SSL, even though it does get people around this error in a pinch. That said, I don't know how to clear this up yet, and I haven't been able to reproduce the issue myself, but a few people in CSE have been running into it this week. We've had maybe 5-10 reports from customers about it in the last few days.

    点赞 评论 复制链接分享
  • weixin_39535287 weixin_39535287 5月前

    This guide might help renew the local ca cert needed by mysql - https://dev.mysql.com/doc/refman/5.7/en/creating-ssl-rsa-files-using-mysql.html

    点赞 评论 复制链接分享
  • weixin_39573512 weixin_39573512 5月前

    We're experiencing this issue on all of our site environments except live for our entire organization. It seems to have popped up in the last week or so. The official answer is to add local CA certs for every site, which is not something we've had to do in the past.

    点赞 评论 复制链接分享
  • weixin_39773158 weixin_39773158 5月前

    Marking as blocked pending BUGS-2075

    点赞 评论 复制链接分享
  • weixin_39773158 weixin_39773158 5月前

    Resolved by BUGS-2075

    点赞 评论 复制链接分享
  • weixin_39706491 weixin_39706491 5月前

    one user reported that this suggestion didn't work for MySQL Workbench

    This seems to work for them: https://www.screencast.com/t/7t16Y7qY When creating new connection: 1) Connection Tab 2) Connection method: (TCP/IP) > SSL Tab 3) Use SSL : No

    Another solution that worked from the command line was adding the --ssl-mode=disabled flag

    点赞 评论 复制链接分享
  • weixin_39773158 weixin_39773158 5月前

    -alberto wouldn't disabling SSL mean that their DB data is being transmitted in clear text? Would we not want to avoid that sort of security risk?

    点赞 评论 复制链接分享
  • weixin_39706491 weixin_39706491 5月前

    That would be correct :) maybe this option will be the last resort if all else fails, with a big disclaimer of the risk involved if using this method.

    点赞 评论 复制链接分享

相关推荐