Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-11988

Regression: Container cannot connect to MySQL using TLS since switch to ubi8-minimal

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Explained
    • Affects Version/s: 7.0.1, 8.0.0, 8.0.1
    • Fix Version/s: None
    • Component/s: Container
    • Labels:
      None
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      The container quay.io/keycloak/keycloak:7.0.1 cannot connect to MySQL using TLS anymore, while quay.io/keycloak/keycloak:7.0.0 could.

      I guess this regression is related to the switch to the ubi8-minimal base image.

      Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1  | Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
      Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1  |         at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:169)
      Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1  |         at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
      Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1  |         at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:216)
      Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1  |         at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:395)
      Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1  |         at com.mysql.jdbc@5.1.46//com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:186)
      Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1  |         ... 71 more
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              pcraveiro Pedro Igor Silva
              Reporter:
              marianrh-apa Marian Rainer-Harbach
              Votes:
              2 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: