无法使用.NET mysql连接器连接到mysql rds实例
[英]cannot connect to mysql rds instance using .NET mysql connector
问题描述
We need to enable TLS1.1 connections on mysql rds instance. 
我们需要在mysql rds实例上启用TLS1.1连接。 I have a console application that I am using to test my connection to the mysql RDS instance. 我有一个控制台应用程序,用于测试与mysql RDS实例的连接。
After many to-and-fros with Infra team, it is confirmed that mysql instance is using TLSv1.1. 与Infra团队进行了多次接触后,可以确定mysql实例正在使用TLSv1.1。 Please find the command outputs that I have run in the mysql workbench : 请找到我在mysql工作台中运行的命令输出:
SHOW GLOBAL VARIABLES LIKE '%version%';
- show global variables like '%ssl%' 显示像'%ssl%'这样的全局变量
Now this verifies that the server is using TLSv1.1. 现在,这将验证服务器正在使用TLSv1.1。
Connection establish efforts - Workbench 建立联系的努力-工作台
Everything works fine 一切正常
Connection establish efforts - Using mysql.exe (server/bin/) 建立连接的努力-使用mysql.exe(server / bin /)
C:\\Program Files\\MySQL\\MySQL Server 5.7\\bin\\mysql.exe" -u serverusername -h xxxxxxx.xxxxxxxxxxxx.eu-west-1.rds.amazonaws.com dbname -p --ssl-mode=PREFERRED
Asks for password and connects fine 询问密码并连接正常
C:\\Program Files\\MySQL\\MySQL Server 5.7\\bin\\mysql.exe" -u serverusername -h xxxxxxx.xxxxxxxxxxxx.eu-west-1.rds.amazonaws.com dbname-p --ssl-mode=DISABLED
Asks for password and connects fine 询问密码并连接正常
So now we have sufficient facts to say that from this aws Vm we are able to connect to the RDS instance using workbench and mysql.exe utility (both SSL enabled) 因此,现在我们有足够的事实可以说,通过此aws Vm,我们可以使用workbench和mysql.exe实用程序(均已启用SSL)连接到RDS实例。
Then next we try to connect to the same RDS instance using a console application that is using the mysql connector DLL provided by the mysql team. 接下来,我们尝试使用控制台应用程序连接到同一RDS实例,该控制台应用程序使用mysql团队提供的mysql连接器DLL。 Please find application code below along with mysql connector dll version 请在下面找到应用程序代码以及mysql连接器dll版本
Code : 代码:
static void Main(string[] args)
{
//ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
//ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
Console.WriteLine("making certficate connection");
string connMainOut = connMain();
Console.WriteLine(connMainOut.ToString());
Console.ReadLine();
}
private static string connMain()
{
try
{
MySqlConnection connection = new MySqlConnection(ConfigurationManager.AppSettings["conns"]);
connection.Open();
return connection.ToString();
}
catch (Exception ex)
{
Console.WriteLine("==============================");
Console.WriteLine("connMain" + ex.ToString());
Console.WriteLine("==============================");
return "null";
}
}
MySql connector version : MySql连接器版本:
My app.config looks like this : 我的app.config看起来像这样:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<appSettings>
<add key="conns" value="SERVER=xxxxxxxx.xxxxxxxxxxxxx.eu-west-1.rds.amazonaws.com;
database=databasename;
user=username;
PASSWORD=password;
SslMode=PREFERRED;"/>
</appSettings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
</startup>
</configuration>
It throws this error 它抛出此错误
Now with using SslMode=None; 现在使用SslMode = None;
Now with SslMode=REQUIRED , I get the same error 现在使用SslMode = REQUIRED,我得到相同的错误
We have already spent a lot of time on this and still are unable to connect using TLS. 我们已经花了很多时间,但仍然无法使用TLS连接。 If more information is required, please let me know. 如果需要更多信息,请告诉我。
1 个解决方案
解决方案1
0 已采纳 2018-12-06 14:59:30
From the error log it also says "The message received was unexpected or badly formatted" which generally means that something is wrongly configured on the server. 从错误日志中,它还会显示“收到的消息意外或格式错误”,这通常表示服务器上配置错误。 TLS 1.1 is not considered secure anymore. TLS 1.1不再被认为是安全的。
Download IISCrypto to review “Schannel” and “Cipher Suites” tabs and see if settings are correctly configured and post making the changes can restart the server. 下载IISCrypto以查看“ Schannel”和“ Cipher Suites”选项卡,查看设置是否正确配置,并且进行更改后可以重新启动服务器。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.