I'm trying to connect to an SSL-enabled mysql server from my own java application. After setting up ssl on mysqld, and successfuly tested an account using "REQUIRE ISSUER and SUBJECT", I wanted to use that account in a java app.
I've generated a private key (to a file called keystore.jks) and csr using keytool, and signed the csr using my own CA(The same used with mysqld and its certificate).
Once signed the csr, I've imported the CA and client cert into the keystore.jks file. When running the application the SSL connection can't be established. Relevant logs:
...
[Raw read]: length = 5
0000: 16 00 00 02 FF .....
main, handling exception: javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
main, SEND TLSv1 ALERT: fatal, description = unexpected_message
Padded plaintext before ENCRYPTION: len = 32
0000: 02 0A BE 0F AD 64 0E 9A 32 3B FE 76 EF 40 A4 C9 .....d..2;.v.@..
0010: B4 A7 F3 25 E7 E5 09 09 09 09 09 09 09 09 09 09 ...%............
main, WRITE: TLSv1 Alert, length = 32
[Raw write]: length = 37
0000: 15 03 01 00 20 AB 41 9E 37 F4 B8 44 A7 FD 91 B1 .... .A.7..D....
0010: 75 5A 42 C6 70 BF D4 DC EC 83 01 0C CF 64 C7 36 uZB.p........d.6
0020: 2F 69 EC D2 7F /i...
main, called closeSocket()
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
connection error
com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
Any idea why is this happening?
Best Answer
It looks like you've run into a known bug. Check out documentation on it at the mysql bug tracker