问题
I have access to 2 MySQL Servers (one for production and one for development). I have the host, port, database, user, password and the CA Cert file for them. I could connect to both using mysql workbench and from the windows cmd. (Yes, I have to work on windows for now)
Now according to security requirements, I need to connect using protocol TLSv1.2 or TLSv1.2, and Cipher AES256 and SHA2. These are currently not enforced on the development server, but they are on the production, and I am not able to connect on the production right now.
I satisfy AES256 and TLSv1.1 requirement.
But how do I get my client to connect using SHA2? Both Workbench and CMD doesn't work when I specify a cipher using both AES256 and SHA256 or SHA384. But it works fine if I specify something like AES256-SHA. Does this mean that it is not supported and I need to update something? By default, it uses 'DHE-RSA-AES256-SHA'
If I try to set one of the AES256-SHA2 cipher on the production, I get the error:
ERROR 2026 (HY000): SSL connection error: Failed to set ciphers to use
If I don't specify any ciphers, I get the error
ERROR 2026 (HY000): SSL connection error: unknown error number
I've looked up multiple posts on stackoverflow, mysql devs and mysql bugs website, and none seem to address this.
I have to ultimately get this to work with Ms. Access, since MySQL will be the backend for it. I even tried by creating a system DSN, but the same error pops up.
Maybe the ODBC Connector doesn't support SHA2? I couldn't find anything on this anywhere.
I have the latest version of ODBC and MySQL Workbench.
回答1:
Turns out, the community versions(free) of MySQL Workbench and ODBC are compiled using yaSSL while the commercial versions use OpenSSL. And SHA2 is not supported by yaSSL. Once I got the commercial versions, I was able to connect using SHA2.
来源:https://stackoverflow.com/questions/43402892/connect-to-mysql-using-sha2