Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.5.0
-
None
-
None
Description
I am trying to run Fineract with Azure Database Flexible Server for MySQL. This requires SSL connections.
I am using Kubernetes deployments. Important parts of configuration below.
I've tried adding useSsl=true to fineract_tenants_url and also creating FINERACT_DEFAULT_TENANTDB_CONN_PARAMS env variable.
apiVersion: apps/v1 kind: Deployment metadata: name: fineract-server labels: app: fineract-server spec: selector: matchLabels: app: fineract-server tier: backend strategy: type: Recreate template: metadata: labels: app: fineract-server tier: backend spec: containers: - name: fineract-server image: apache/fineract:latest resources: limits: cpu: "1000m" memory: "1Gi" requests: cpu: "200m" memory: "0.5Gi" livenessProbe: httpGet: path: /fineract-provider/actuator/health/liveness port: 8080 initialDelaySeconds: 180 periodSeconds: 1 readinessProbe: httpGet: path: /fineract-provider/actuator/health/readiness port: 8080 initialDelaySeconds: 180 periodSeconds: 1 env: - name: DRIVERCLASS_NAME value: org.mariadb.jdbc.Driver - name: PROTOCOL value: jdbc - name: SUB_PROTOCOL value: mariadb - name: node_id value: '1' - name: fineract_tenants_driver value: org.mariadb.jdbc.Driver - name: fineract_tenants_url value: jdbc:mariadb://{{ .Values.mysqlhost }}:3306/fineract_tenants?useSsl=true - name: fineract_tenants_uid valueFrom: secretKeyRef: name: fineract-tenants-db-secret key: username - name: fineract_tenants_pwd valueFrom: secretKeyRef: name: fineract-tenants-db-secret key: password - name: FINERACT_DEFAULT_TENANTDB_HOSTNAME value: {{ .Values.mysqlhost }} - name: FINERACT_DEFAULT_TENANTDB_CONN_PARAMS value: 'useSsl=true' - name: FINERACT_DEFAULT_TENANTDB_PORT value: '3306' - name: FINERACT_DEFAULT_TENANTDB_UID valueFrom: secretKeyRef: name: fineract-tenants-db-secret key: username - name: FINERACT_DEFAULT_TENANTDB_PWD valueFrom: secretKeyRef: name: fineract-tenants-db-secret key: password - name: FINERACT_DEFAULT_TENANTDB_CONN_PARAMS value: '' ports: - containerPort: 8443 name: fineract-server
Some initial connections are created correctly and FlywayDB is able to create tables in "fineract_tenants" database. However after that in tenantDatabaseUpgradeService there is an exception
java.sql.SQLTransientConnectionException: (conn=49) Connections using insecure transport are prohibited while --require_secure_transport=ON
Attaching full log.
I am using MySQL 8.0.21 as Flyway was failing on 5.7 (as MySQL 5.7 is unsupported). I am using "latest" Docker image of Fineract.