Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Not a Bug
-
7.0.1, 8.0.0, 8.0.1
-
None
-
None
-
NEW
-
NEW
Description
The container quay.io/keycloak/keycloak:7.0.1 cannot connect to MySQL using TLS anymore, while quay.io/keycloak/keycloak:7.0.0 could.
I guess this regression is related to the switch to the ubi8-minimal base image.
Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1 | Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1 | at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:169) Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1 | at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98) Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1 | at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:216) Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1 | at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:395) Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1 | at com.mysql.jdbc@5.1.46//com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:186) Nov 09 11:51:31 <server name> docker-compose[10706]: keycloak_1 | ... 71 more
Attachments
Issue Links
- is related to
-
KEYCLOAK-12017 Regression due to ubi-8/OpenJDK 11 upgrade: User Federation -> LDAP Connection doesn't support TLS < 1.2
-
- Closed
-