Question
What causes Java not to connect to MySQL 5.7 after the recent JDK update, resulting in an SSLHandshakeException?
Answer
The Java Development Kit (JDK) update in April 2021 introduced a disabling of older TLS protocols (TLSv1 and TLSv1.1), causing connection issues with MySQL 5.7 that do not default to the newer TLSv1.2 protocol. This results in SSLHandshakeException due to protocol mismatches between the Java application and MySQL server.
// Example JDBC connection URL for MySQL specifying TLSv1.2
driverClassName=com.mysql.cj.jdbc.Driver
jdbcUrl=jdbc:mysql://localhost:3306/yourDatabase?enabledTLSProtocols=TLSv1.2&useSSL=true&requireSSL=true
username=yourUser
password=yourPassword
Causes
- The JDK update dropped support for TLSv1 and TLSv1.1, which MySQL 5.7 may revert to if not explicitly configured for TLSv1.2.
- SSLHandshakeExceptions occur when the SSL/TLS protocols supported by the client do not match those supported by the server.
Solutions
- Configure MySQL 5.7 to exclusively use TLSv1.2 by updating the `my.cnf` configuration file or using SQL commands to set the correct TLS version.
- Ensure the JDBC connection string in your Java application specifies TLSv1.2 explicitly.
- Consider upgrading MySQL to version 8.0+ for better SSL/TLS support and compliance with updated JDK versions.
Common Mistakes
Mistake: Not specifying TLSv1.2 in the JDBC connection string.
Solution: Ensure the JDBC URL includes `enabledTLSProtocols=TLSv1.2`.
Mistake: Ignoring MySQL configuration for SSL settings.
Solution: Verify and configure the MySQL server's SSL settings to support TLSv1.2.
Helpers
- Java MySQL connection error
- SSLHandshakeException Java
- TLSv1.2 MySQL configuration
- JDK update MySQL connection issue
- Fixing Java MySQL connection after JDK update
