I have MySQL running in a docker container on version 9.2.0-1.el9. In the [mysqld] stanza in my configuration, I have require_secure_transport=ON along with internally signed and issued certificate keypair:
[mysqld]
require_secure_transport=ON
ssl_ca=/var/lib/mysql/certs/myAuthority.crt
ssl_cert=/var/lib/mysql/certs/mysqlCert.crt
ssl_key=/var/lib/mysql/certs/mysqlCert.key
This configuration ensures the MySQL connecting clients are using secure transport, and everything is working for my worldservers.
However, here's the error returned from Keira 3.10.2 when connecting to MySQL with secure transport enabled:
Error: Error: Connections using insecure transport are prohibited while --require_secure_transport=ON. at Packet.asError (C:\Users\<redacted>\AppData\Local\Temp\32jFdkEdq8gWZIvZK9H528iO3oy\resources\app.asar\node_modules\mysql2\lib\packets\packet.js:740:17) at ClientHandshake.execute (C:\Users\<redacted>\AppData\Local\Temp\32jFdkEdq8gWZIvZK9H528iO3oy\resources\app.asar\node_modules\mysql2\lib\commands\command.js:29:26) at Connection.handlePacket (C:\Users\<redacted>\AppData\Local\Temp\32jFdkEdq8gWZIvZK9H528iO3oy\resources\app.asar\node_modules\mysql2\lib\base\connection.js:475:34) at PacketParser.onPacket (C:\Users\<redacted>\AppData\Local\Temp\32jFdkEdq8gWZIvZK9H528iO3oy\resources\app.asar\node_modules\mysql2\lib\base\connection.js:93:12) at PacketParser.executeStart (C:\Users\<redacted>\AppData\Local\Temp\32jFdkEdq8gWZIvZK9H528iO3oy\resources\app.asar\node_modules\mysql2\lib\packet_parser.js:75:16) at Socket.<anonymous> (C:\Users\<redacted>\AppData\Local\Temp\32jFdkEdq8gWZIvZK9H528iO3oy\resources\app.asar\node_modules\mysql2\lib\base\connection.js:100:25) at Socket.emit (node:events:519:28) at addChunk (node:internal/streams/readable:561:12) at readableAddChunkPushByteMode (node:internal/streams/readable:512:3) at Readable.push (node:internal/streams/readable:392:5)
Code: ER_SECURE_TRANSPORT_REQUIRED
Errno: 3159
SQL State: HY000
From what I can see, there's no way to connect Keira with MySQL in this configuration since there's no option to use TLS client-side.
I have MySQL running in a docker container on version 9.2.0-1.el9. In the [mysqld] stanza in my configuration, I have require_secure_transport=ON along with internally signed and issued certificate keypair:
[mysqld]
require_secure_transport=ON
ssl_ca=/var/lib/mysql/certs/myAuthority.crt
ssl_cert=/var/lib/mysql/certs/mysqlCert.crt
ssl_key=/var/lib/mysql/certs/mysqlCert.key
This configuration ensures the MySQL connecting clients are using secure transport, and everything is working for my worldservers.
However, here's the error returned from Keira 3.10.2 when connecting to MySQL with secure transport enabled:
From what I can see, there's no way to connect Keira with MySQL in this configuration since there's no option to use TLS client-side.