I was doing some tests to switch my webapp from mysql to mariadb. I don’t understand why if I try to connect to the mariaDB 10.4 database with a user requesting SSL it gives me the following error: “2026-SSL connection error: protocol version mismatch”. I tried to remove the SSL requirement from the user but I get the same error 2026. In both cases I can connect with HeidiSQL so I exclude wrong configurations or firewall problems.
Test situation:
Xojo 2018r4/2019r3.1
Windows 10
MariaDB 10.4 on Centos7
If I compile the web app from linux it connects to the database without problems.
Any suggestions?
Personally moving from mySQL to Maria is really just chaging db names
They both have a dual license - free for GPL usage but may NOT be free for commercial usage
So be careful with these db’s
I’d move to PostgreSQL as it is FREE for ANY purpose - GPL, free, commercial you name it
All that said have you set your db connection to use the same connection parameters (including all the SSL properties ?)
The protocol mismatch almost seems like its you trying to connect using something like SSL 2 and the server expects SSL 3 (or some other mismatch like that - client is using TLS 1.1 and server expects TLS 1.2)
Okay, you were right. The problem is that the xojo plugin tries to connect in TLSv1.0 . To solve the problem, I changed the accepted protocols on mariadb by adding the following instruction: :
@Attilio : I hope your DB does only accept localhost connections from your webapp? Consider any open DBMS ports in the internet as invitation for hackers and as ticking time bomb.
I didn’t say my database accepts connections outside the lan network. Port 3306 is closed on the firewall and the webapp has a special account utente@127.0.0.1. I created another user example@192.168.1.% REQUIRE SSL to debug the app on windows and manage the database with LAN connections.
Will the plugin ever be updated to support higher TLS versions?
We wont discuss the length of time some bug reports have been sitting
Feature requests I understand
Bug reports though shouldnt languish so long
I tried to deal with as many old IDE bug reports as I could