I have a Node.js app (running on AppEngine) connecting to a GCP CloudSQL (MySQL) instance. Now I want to connect to the same database from Node.js (Knex) running on Heroku.
From AppEngine, Node.js connects via user/password and socketPath. I'm also connecting to the same MySQL DB from MySQL Workbench via host IP (over SSL).
I'm trying to use the same host, port, user and pass as Workbench from Heroku and it's not working. To try and make it easy, I've temporarily allowed all networks to connect (0.0.0.0/0) and I've allowed non-SSL connections.
Here's the error: ER_ACCESS_DENIED_ERROR: Access denied for user 'usernamehere'#'xx.xxx.xxx.xx' (using password: YES)"
The environment variables are stored in the Heroku app and they must be working because the username is correct.
It's not very helpful, but here's the code:
import Knex = require('knex');
const envConfig = require('../config/environments').get(process.env.NODE_ENV);
module.exports = knex;
The only way I found to resolve this issue was to connect to CloudSQL over SSL.
const mysql = require("mysql");
const fs = require('fs');
const knex = require('knex')({
client: 'mysql',
version: '5.7',
connection: {
host : 'xx.xx.xx.xx',
ssl: {
ca: fs.readFileSync('ca.pem'),
key: fs.readFileSync('client-key.pem'),
cert: fs.readFileSync('client-cert.pem'),
},
user : 'root',
password : 'xxxxxxxxx',
database : 'mydbname',
},
});
Related
thank you in advance for the help.
I am using nodejs v16.13.1 and mysql 5.7.37-cll-lve.
my nodejs app is currently on my local machine and my mysql db is on a remote server. I want to connect to the remote mysql but, I keep getting this error:
Access denied for user ''#'mylocalcomputerip' (using password: YES)
I am using shared hosting btw.
What is weird is that the user is not showing and I know it is correctly being used. as well the the connection trying to connect to my local ip despite me putting in my server ip.
I tried using one of the nameservers and then it gives a timeout.
this is how I am trying to connect to the remote db.
createConnection(){
const conn = mysql.createConnection({
host: process.env.DB_HOST,
username: process.env.DB_USERNAME,
password: process.env.DB_PASSWORD,
database: process.env.DB_NAME,
port: process.env.DB_PORT
})
conn.connect(err => {
if(err) throw err
console.log("Connected")
})
return conn
}
The host is the shared ip.
The username is the user I created to interact with the db.
The password is the password for the username.
The database is the database that I'm trying to connect to.
The port is the default port 3306 for mysql dbs.
Any kind of knowledge or insight to what I'm doing wrong or don't know about would be greatly appreciated
Found the issue!! The object that is passed to the function createConnection uses a "user" key and not "username".
I am trying to connect to my Amazon RDS cloud database using Express framework. My server.js connection looks as follows:
const express = require('express');
var bodyParser = require('body-parser')
const mysql = require('mysql');
const cors = require('cors');
const port = process.env.PORT || 3300;
const connection = mysql.createConnection({
host : 'endpoint-of-my-rds-database.amazonaws.com',
user : 'user',
password : 'password',
database : 'database',
port: 3300,
socketPath: '/Applications/XAMPP/xamppfiles/var/mysql/mysql.sock'
});
const app = express();
app.use(cors());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
connection.connect(function(err) {
if(err) throw err;
console.log("connected to database");
})
After running node server.js I get the following standard error:
Access denied for user 'root'#'localhost' (using password: YES)
I am able to connect to my cloud database with the same credentials using MySQL Workbench. Also, I can connect to my local MySQL database through Express by changing credentials to those of my local MySQL database.
Researching online, it appears that this error is due to invalid credential, but, as I've mentioned, I can connect to my RDS database through Workbench with no issues. It is only Express that seems to give me trouble. Will be happy to provide additional info. Any help will be appreciated. Thank you in advance.
You'll want to remove that socketPath. Per the docs on socketPath:
The path to a unix domain socket to connect to. When used host and port are ignored.
You're overriding your other connection details and trying to connect to whatever database is listening on that socket.
The clue is the error message: 'root'#'localhost'. That host is where your connection originates from. In this case localhost indicates that you're connecting to a database on the same machine that your code is running on, so you're not getting to your RDS instance.
If you were failing to authenticate against an RDS instance, I'd expect to see something like root#54.12.4.9 or root#ip-52-12-4-9.amazonaws.com instead.
I am connecting to a MySQL instance hosted on AWS from a seperate AWS EC2 server that is running NodeJS on Express.
Here are my connection settings:
var connection = mysql.createConnection({
host: '<mydatabase>.rds.amazonaws.com',
user: '<user>',
password: '<password>',
database: '<db_name>',
ssl: 'Amazon RDS',
});
And I run the file using node db_test.js and it returns a SQL query just fine. How can I verify that it is making use of the ssl: 'Amazon RDS' line and it is actually secure?
use this query :
let sql= "show status like 'Ssl_version'";
and check the output
connection.query(sql, function (err, result) {})
Official docs says
SSL options
The ssl option in the connection options takes a string or an object.
When given a string, it uses one of the predefined SSL profiles included.The following profiles are included:
- "Amazon RDS": this profile is for connecting to an Amazon RDS server and contains the certificates from https://rds.amazonaws.com/doc/rds-ssl-ca-cert.pem and https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem
So, I think you can not use ssl:{rejectUnauthorized:true}
But you can always set this process.env.NODE_TLS_REJECT_UNAUTHORIZED = 1.It does the same thing. So when you set this option you will get TLS authorization error if you provide invalid rds SSL profile and won't be able to connect to DB
You can read this as well:
https://medium.com/soluto-nashville/best-security-practices-for-amazon-rds-with-sequelize-600a8b497804
I hosted a nodeJS application in google console under a paid account. When i tried to connect my nodeJS app to MySQL db in localhost server it is working but once i configured it to work in google cloud console it says can't connect to database. I successfully created a google SQL instance and sure about user name and password as i can connect to database via cloud console.
i referred to many tutorials in the internet and couldn't get a way....
var con = mysql.createConnection({
host: 'localhost',
user: 'root',
password: '1234',
database: 'test'
});
con.connect(function(error){
if(error){
console.log('error');
}
else{
console.log('connected');
}
});
Since this question is tagged with google-app-engine, I assume it is the product you are using to deploy your application. In this case:
App Engine uses a Unix socket to connect to a Cloud SQL instance, because of that you need to pass the instance's connection name, like in the example below:
var con = mysql.createConnection({
host: "localhost",
socketPath: "/cloudsql/<PROJECT_ID>:<REGION>:<SQL_INSTANCE_NAME>",
user: "root",
password: "secret"
});
con.connect(function(err) {
if (err) throw err;
console.log("Connected!");
});
You can actually test that by running the cloud_sql_proxy locally and connecting through the unix socket. The Using Cloud SQL for MySQL tutorial explains how to do that.
EDIT:
In case you are using App Engine Flex, it is also important to set the correct beta_settings on your app.yaml like in the example below:
beta_settings:
# The connection name of your instance, available by using
# 'gcloud beta sql instances describe [INSTANCE_NAME]' or from
# the Instance details page in the Google Cloud Platform Console.
cloud_sql_instances: YOUR_INSTANCE_CONNECTION_NAME
Your local machine sql server can't be connected to the google console as it is not
exposed to the internet.You should host your mssql db in some platform and then you
can connect with that in google console
I am using azure connection string (from Azure portal) for Node.js app, still cannot connect to Azure Database for Mysql server.
var conn = mysql.createConnection({
host: yourhost,
user: "username",
password: "password",
database: "database",
port: 3306,
ssl:{ca:fs.readFileSync(__dirname + '/baltimore.pem')}});
I get following error:
"Error: MySQL server is requesting the old and insecure pre-4.1 auth mechanism.Upgrade the user password or use the {insecureAuth: true} option."
But I can connect using Mysql Benchmark same credentials.
What I am doing wrong ?
Azure Database for MySQL is incompatible with the mysqljs connector library. See issue 1729 for details and pull 1730 for a workaround.