dbconfig.xml requires useSSL=false for MySQL

[wivaku]

Prerequisites

• [x] Put an X between the brackets on this line if you have done all of the following:
  • Reproduced the problem.
  • Checked that your issue isn't already filed.
  • Filled the form.
  • Included logs and system information.

Description

Upgraded from 7.13.0 to 8.13.1, using MySQL 5.7.
When starting up log shows:

javax.net.ssl.SSLException
WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.

Steps to Reproduce

See above.

Expected behavior: [What you expect to happen]

&useSSL=false is added to dbconfig.xml e.g.

/myjira:3306/jira_staging?autoReconnect=true&amp;characterEncoding=utf8&amp;useUnicode=true&amp;sessionVariables=default_storage_engine%3DInnoDB&amp;useSSL=false<

BTW. documentation refers to 5.6, should be 5.7 or 8.

Actual behavior: [What actually happens]

See above.

Reproduces how often: [What percentage of the time does it reproduce?]

100%

Versions

Logs And Environment Information

jirastaging    | Sun Nov 22 17:31:16 GMT 2020 WARN: Caught while disconnecting...
jirastaging    |
jirastaging    | EXCEPTION STACK TRACE:
jirastaging    |
jirastaging    |
jirastaging    |
jirastaging    | ** BEGIN NESTED EXCEPTION **
jirastaging    |
jirastaging    | javax.net.ssl.SSLException
jirastaging    | MESSAGE: closing inbound before receiving peer's close_notify
jirastaging    |
jirastaging    | STACKTRACE:
jirastaging    |
jirastaging    | javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify
jirastaging    | 	at sun.security.ssl.Alert.createSSLException(Alert.java:133)
jirastaging    | 	at sun.security.ssl.Alert.createSSLException(Alert.java:117)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:267)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:258)
jirastaging    | 	at sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:637)
jirastaging    | 	at sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:616)
jirastaging    | 	at com.mysql.jdbc.MysqlIO.quit(MysqlIO.java:2249)
jirastaging    | 	at com.mysql.jdbc.ConnectionImpl.realClose(ConnectionImpl.java:4232)
jirastaging    | 	at com.mysql.jdbc.ConnectionImpl.close(ConnectionImpl.java:1472)
jirastaging    | 	at org.apache.commons.dbcp2.DelegatingConnection.closeInternal(DelegatingConnection.java:235)
jirastaging    | 	at org.apache.commons.dbcp2.PoolableConnection.reallyClose(PoolableConnection.java:243)
jirastaging    | 	at org.apache.commons.dbcp2.PoolableConnectionFactory.destroyObject(PoolableConnectionFactory.java:334)
jirastaging    | 	at org.apache.commons.pool2.impl.GenericObjectPool.destroy(GenericObjectPool.java:890)
jirastaging    | 	at org.apache.commons.pool2.impl.GenericObjectPool.evict(GenericObjectPool.java:800)
jirastaging    | 	at org.apache.commons.pool2.impl.BaseGenericObjectPool$Evictor.run(BaseGenericObjectPool.java:1026)
jirastaging    | 	at java.util.TimerThread.mainLoop(Timer.java:555)
jirastaging    | 	at java.util.TimerThread.run(Timer.java:505)
jirastaging    |
jirastaging    |
jirastaging    | ** END NESTED EXCEPTION **
jirastaging    |
jirastaging    |
jirastaging    | Sun Nov 22 17:31:16 GMT 2020 WARN: Caught while disconnecting...
jirastaging    |
jirastaging    | EXCEPTION STACK TRACE:
jirastaging    |
jirastaging    |
jirastaging    |
jirastaging    | ** BEGIN NESTED EXCEPTION **
jirastaging    |
jirastaging    | javax.net.ssl.SSLException
jirastaging    | MESSAGE: closing inbound before receiving peer's close_notify
jirastaging    |
jirastaging    | STACKTRACE:
jirastaging    |
jirastaging    | javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify
jirastaging    | 	at sun.security.ssl.Alert.createSSLException(Alert.java:133)
jirastaging    | 	at sun.security.ssl.Alert.createSSLException(Alert.java:117)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:267)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:258)
jirastaging    | 	at sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:637)
jirastaging    | 	at sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:616)
jirastaging    | 	at com.mysql.jdbc.MysqlIO.quit(MysqlIO.java:2249)
jirastaging    | 	at com.mysql.jdbc.ConnectionImpl.realClose(ConnectionImpl.java:4232)
jirastaging    | 	at com.mysql.jdbc.ConnectionImpl.close(ConnectionImpl.java:1472)
jirastaging    | 	at org.apache.commons.dbcp2.DelegatingConnection.closeInternal(DelegatingConnection.java:235)
jirastaging    | 	at org.apache.commons.dbcp2.PoolableConnection.reallyClose(PoolableConnection.java:243)
jirastaging    | 	at org.apache.commons.dbcp2.PoolableConnectionFactory.destroyObject(PoolableConnectionFactory.java:334)
jirastaging    | 	at org.apache.commons.pool2.impl.GenericObjectPool.destroy(GenericObjectPool.java:890)
jirastaging    | 	at org.apache.commons.pool2.impl.GenericObjectPool.evict(GenericObjectPool.java:800)
jirastaging    | 	at org.apache.commons.pool2.impl.BaseGenericObjectPool$Evictor.run(BaseGenericObjectPool.java:1026)
jirastaging    | 	at java.util.TimerThread.mainLoop(Timer.java:555)
jirastaging    | 	at java.util.TimerThread.run(Timer.java:505)
jirastaging    |
jirastaging    |
jirastaging    | ** END NESTED EXCEPTION **
jirastaging    |
jirastaging    |
jirastaging    | Sun Nov 22 17:31:16 GMT 2020 WARN: Caught while disconnecting...
jirastaging    |
jirastaging    | EXCEPTION STACK TRACE:
jirastaging    |
jirastaging    |
jirastaging    |
jirastaging    | ** BEGIN NESTED EXCEPTION **
jirastaging    |
jirastaging    | javax.net.ssl.SSLException
jirastaging    | MESSAGE: closing inbound before receiving peer's close_notify
jirastaging    |
jirastaging    | STACKTRACE:
jirastaging    |
jirastaging    | javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify
jirastaging    | 	at sun.security.ssl.Alert.createSSLException(Alert.java:133)
jirastaging    | 	at sun.security.ssl.Alert.createSSLException(Alert.java:117)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:267)
jirastaging    | 	at sun.security.ssl.TransportContext.fatal(TransportContext.java:258)
jirastaging    | 	at sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:637)
jirastaging    | 	at sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:616)
jirastaging    | 	at com.mysql.jdbc.MysqlIO.quit(MysqlIO.java:2249)
jirastaging    | 	at com.mysql.jdbc.ConnectionImpl.realClose(ConnectionImpl.java:4232)
jirastaging    | 	at com.mysql.jdbc.ConnectionImpl.close(ConnectionImpl.java:1472)
jirastaging    | 	at org.apache.commons.dbcp2.DelegatingConnection.closeInternal(DelegatingConnection.java:235)
jirastaging    | 	at org.apache.commons.dbcp2.PoolableConnection.reallyClose(PoolableConnection.java:243)
jirastaging    | 	at org.apache.commons.dbcp2.PoolableConnectionFactory.destroyObject(PoolableConnectionFactory.java:334)
jirastaging    | 	at org.apache.commons.pool2.impl.GenericObjectPool.destroy(GenericObjectPool.java:890)
jirastaging    | 	at org.apache.commons.pool2.impl.GenericObjectPool.evict(GenericObjectPool.java:800)
jirastaging    | 	at org.apache.commons.pool2.impl.BaseGenericObjectPool$Evictor.run(BaseGenericObjectPool.java:1026)
jirastaging    | 	at java.util.TimerThread.mainLoop(Timer.java:555)
jirastaging    | 	at java.util.TimerThread.run(Timer.java:505)
jirastaging    |
jirastaging    |
jirastaging    | ** END NESTED EXCEPTION **
jirastaging    |
jirastaging    |
jirastaging    | Sun Nov 22 17:31:16 GMT 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
jirastaging    | Sun Nov 22 17:31:16 GMT 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.

[wivaku]

did you get a chance to look at this one?

[TheCelavi]

OMG - we needed to re-create our containers and we are now dead stick in the water. JIRA_DATABASE_URL allows only to set some of the possible variables, but it does not allow you to set useSSL. Why, omg why?

[wivaku]

any thoughts? If I manually update dbconfig.xml then it is reset to the default after the next restart.

[ASantsSec]

any thoughts? If I manually update dbconfig.xml then it is reset to the default after the next restart.

Same situation, I did this and it works fine for me: <url><![CDATA[jdbc:mysql://address=(protocol=tcp)(host=localhost)(port=3388)/jira?useSSL=false&sessionVariables=default_storage_engine=InnoDB]]></url>