29 lines
1.7 KiB
Markdown
29 lines
1.7 KiB
Markdown
|
## JAVA-MySQL
|
|||
|
|
|
|||
|
|
### mysql8.x版本的数据库在连接的时候报错 java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed
|
|||
|
|
|
|||
|
|
#### 说明
|
|||
|
|
|
|||
|
|
[官方doc](https://mysqlconnector.net/connection-options/)
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
**原文:**
|
|||
|
|
|
|||
|
|
If the user account uses `sha256_password` authentication, the password must be protected during transmission; TLS is the preferred mechanism for this, but if it is not available then RSA public key encryption will be used. To specify the server’s RSA public key, use the `ServerRSAPublicKeyFile` connection string setting, or set `AllowPublicKeyRetrieval=True` to allow the client to automatically request the public key from the server. Note that `AllowPublicKeyRetrieval=True` could allow a malicious proxy to perform a MITM attack to get the plaintext password, so it is `False` by default and must be explicitly enabled.
|
|||
|
|
|
|||
|
|
**翻译**
|
|||
|
|
|
|||
|
|
如果用户账号使用sha256_password认证,密码在传输过程中必须进行保护; TLS 是对此的首选机制,但如果它不可用,则将使用 RSA 公钥加密。要指定服务器的 RSA 公钥,请使用 ServerRSAPublicKeyFile 连接字符串设置,或设置 AllowPublicKeyRetrieval=True 以允许客户端自动从服务器请求公钥。请注意,AllowPublicKeyRetrieval=True 可能允许恶意代理执行 MITM 攻击以获取明文密码,因此默认情况下为 False,必须明确启用。
|
|||
|
|
|
|||
|
|
#### 解决方法
|
|||
|
|
|
|||
|
|
只要在url的后边加上allowPublicKeyRetrieval=true即可
|
|||
|
|
|
|||
|
|
```yaml
|
|||
|
|
url: jdbc:mysql://10.8.0.18:3306/newerp?serverTimezone=UTC&useUnicode=true&charaterEncoding=utf8&autoReconnect=true&useAffectedRows=true
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
|
|||
|
|
|