mysql icon indicating copy to clipboard operation
mysql copied to clipboard

Published 20 hours ago verified publisher icon go-sql-driver

Error `tls: handshake failure` on try to connect to mysql 5.7 with SSL client certs

Open randreev1321 opened this issue 4 months ago • 5 comments

Issue description

Failed to connect to mysql server version 5.7.44 using SSL client certificates. An error is returned. Everything works correctly with mysql server version 8.4.2.

Example code

	rootCertPool := x509.NewCertPool()
	pem, err := os.ReadFile("certs/ca-cert.pem")
	if err != nil {
		log.Fatal(err)
	}
	if ok := rootCertPool.AppendCertsFromPEM(pem); !ok {
		log.Fatal("Failed to append PEM.")
	}
	clientCert := make([]tls.Certificate, 0, 1)
	certs, err := tls.LoadX509KeyPair("certs/client-cert.pem", "certs/client-key.pem")
	if err != nil {
		log.Fatal(err)
	}
	clientCert = append(clientCert, certs)
	mysql.RegisterTLSConfig("custom", &tls.Config{
		RootCAs:      rootCertPool,
		Certificates: clientCert,
		InsecureSkipVerify: true,
	})
	db, err := sql.Open("mysql", "user@tcp(localhost:3306)/test?tls=custom")
	if err != nil {
		log.Fatal(err)
	}

Error log

MySQL connect error: remote error: tls: handshake failure

Configuration

v1.8.1

Go version: go version go1.22.6 darwin/arm64

Server version: MySQL 5.7.44

Server OS: oraclelinux7

randreev1321 avatar Oct 08 '24 15:10 randreev1321