By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

We are not able to connect rds mysql after upgrading from mysql 5.7 to 8.0.34

0

We are not able to connect rds mysql after upgrading from mysql 5.7 to 8.0.34 Receiving below error message. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. Stack Trace: at MySql.Data.Common.Ssl.StartSSL(Stream& baseStream, Encoding encoding, String connectionString) at MySql.Data.MySqlClient.NativeDriver.Open() at MySql.Data.MySqlClient.Driver.Open() at MySql.Data.MySqlClient.Driver.Create(MySqlConnectionStringBuilder settings) at MySql.Data.MySqlClient.MySqlConnection.Open() at Quest.Toad.MySQL.MySQLConnection.OpenInitialTestConnection() at Quest.Toad.MySQL.MySQLConnection.DoBeforeConnect() at Quest.Toad.Db.Connection.Connect(Boolean notify) at Quest.Toad.Db.Provider.BackgroundConnector.CreateBackgroundConnection()

System.ComponentModel.Win32Exception
The message received was unexpected or badly formatted
Topics
Migration & ModernizationAnalyticsDatabase
Tags
Amazon Relational Database ServiceMySQL
Language
English
Kanhaiya Sharma
asked 7 months ago918 views
2 Answers
1

Hi Trace,

The most likely culprits are:

TLS Version Changes: MySQL 8.0 has introduced changes in the default TLS protocol. If your client doesn't support the newer versions of TLS protocols, you will encounter issues. I had problems with older .NET plugins.

Authentication Plugin Change: MySQL 8.0 uses caching_sha2_password as the default authentication plugin. Older clients might not be compatible with this newer authentication method, leading to connection issues.

profile picture
Vitor Castellani
answered 7 months ago
  • Kanhaiya Sharma
    7 months ago

    Thanks Vitor. i found the issue. i had mysql workbench 5 which do not support tlsv1.2 or 1.3. i install mysqlworkbench 8 and able to connect now.

  • Vitor Castellani
    7 months ago

    I'm glad I could be of help!

0

Hi,

It looks like during the update you also switched to the new Certificate Authority and need to make changes on your application side. Please follow the documentation https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/ssl-certificate-rotation-mysql.html

profile picture
EXPERT
Dmytro Sirant
answered 7 months ago
  • Kanhaiya Sharma
    7 months ago

    We tried to connect with old(rds-ca-2019) and new(rds-ca-ecc384-g1) certificates. But no luck. by using mysql client we are receiving below error.

    ERROR 2026 (HY000): SSL connection error: error:00000001:lib(0):func(0):reason(1)

  • Kanhaiya Sharma
    7 months ago

    we are able to connect when we make us ssl to no in mysql workbench.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content