Amazon RDS Mysql Databse with TLS 1.2 and ASP.NET Application - mysql

We are trying to access our MySql RDS instance which is tls1.2 enabled. Our AWS asp.net application server also has tls1.2 protocol enabled. But Application is not able to make connection to database with the error.
We have tried with enabling various Ciphers and also applying .pem files with asp.net connection string. But still can not connect to it. However no connection string is working out for us.
Error: The handshake failed due to an unexpected packet format.

After few changes in the server cipher settings we are now able to connect to the RDS instance using our C# console application (mysql connector latest version)
Below are the findings :
application level (code) changes : None
Server Crypto settings ( using Nartac ) : Best Practices
machine (currently tested from DB server to RDS instance ) TLS version : v1.2 enforced
RDS TLS version : v1.2 enforced
My connection string :
**<add key="conns" value="SERVER=asdf.asdfasdfa.eu-west-1.rds.amazonaws.com;database=FFF;user=FFFF;PASSWORD=p#5sword;SslMode=REQUIRED;"/>**
Output : connection successful

Related

Database Connection Problem - Azure MySql Database Server from .net core 3.1

-- Background:
I am using asp.net mvc project with 3.1 .net core.
I have azure setup for hosting it in app service.
For Database, I have mysql database server set up on Azure (version 5.7).
-- Problem:
I am using basic connection string when connecting to mysql database. But it is not working for hosted application.
When I connect the azure hosted database server locally using WorkBench, and run the program (locally), it 'works'. (WorkBench connection has Ssl = required and SSL cert File attached.)
But when I publish the same code with same connectionString, it is not working.
IS IT BCZ OF:
I am using 5.7 azure mysql database server?
(To update the version, do I need to create new mysql server on azure and pay $20? Because Mycrosoft documentation says there is 'Upgrade' option on overview. But there is not. Or might for higher subscription. Any suggestions?)
If the reason is I am missing mentioning ssl certi on hosted platform, how can I add it? Do I need to get storage to store that certificate? How can I mention that path in connectionString?
Any other reason for this problem?
I checked YouTube, Microsoft documents, And Google but didn't find solution.
UPDATE:
Libraries used:
MySql.EntityFrameworkCore 3.1.X
Microsoft.EntityFrameworkCore 3.1.X
MySql-Connector-Net 8.0.X
Connection String used: "Server=.mysql.database.azure.com;Port=3306;Database=;Uid=;Pwd=;"
Solution:
It was unable to connect because of incomplete networking.
I had to allow other azure services to connect that server.
Thanks for your comments.

SSL connection error on connecting to MySQL server in Rust

I am learning Rust. I setup a Rust API open source application on 64bit Windows 10, i.e. REST API with Rust using Actix-Web 2.0. I am trying to get it to connect to MySQL 8.0 running locally on this very machine. I setup a .env file with proper credentials for MySQL database on this Windows machine running Wampserver MySql. When I try to run it using cargo run, I get the following error and some stack trace:
panicked at 'Failed to create db pool.: Error(Some("SSL connection error: unknown error number"))', src\db.rs:23:28
Some solutions suggest that the client which is trying to connect to DB is old and doesn't support the latest protocols like TLS 1.2 etc. But I don't think that is the issue. I didn't find any mention of this error with Rust. Am I missing something?
Can I connect to MySQL without SSL?
Do I need to setup certificates at client and server end?
Do I need to setup OpenSSL?

An existing connection was forcibly closed by the remote host error with Connection Manager

I am trying to connect to db server from ETL servers through SSIS package. Connection is not working from any ETL servers through SSIS. Below is the screenshot. Please let me know what I am missing.
We also performed a test with the telnet client and test was successful.
Error Message:Test Connection failed because of an error in
initializing provider. Client unable to establish connection TCP
provider. An existing connection was forcibly closed by the remote
host.
Restart all SQL Server services
Check if SQL Server browser is running and SQL Server is configured
to allow remote connections.
Check your SSL and TLS settings from the registery settings. The settings between the client and server should be logical and consistent (i.e. if the server only allows 1.2 and the client only supports 1.0)

could not access azure mysql

I have a MySQL server database running on Azure. It has already running to store data from my ASPX web apps hosted on Azure also. I have plan to migrate the apps to Java JSF or .net core.
I developed using Tomcat server (in my local pc) and try to connect directly to mySql in Azure. But I always get Communications link failure error.
Is it not allow to connect directly from my local Tomcat server to database in Azure, or something else?
Thank you in advance for the answer.
Yes you can connect from your local tomcat to your azure mysql if you have provided the correct connection string.
Also add your ip in the firewall rules of the sql resource.

Connection to AWS Database fails with Mule app in Runtime Manager

I've recently created a Mule application (3.7.0 CE) on a laptop. I'm connected to an AWS RDS instance when running locally in AnyPoint Studio using Maven. I started with a local MySQL DB and migrated it to AWS because my application "proofofconcept" is just that a proof of concept and I would like to show the application online (public url) instead of my laptop for a presentation. I added the database.url=... property to the application properties when I deployed to Anypoint Runtime Manager in the cloud. I'm currently getting a:
communications link failure
I've tried several things and nothing has worked. I tried a basic database connection first in the database config. And, then I created a JDBC datasource in Spring-beans. Both methods worked locally and in-communication with AWS (remote). When I deploy to Runtime Manager, the application deploys. And, I get the console that's generated runtime by the RAML. When I call a url e.g. api/v1/orders it runs and runs and after timeout provides the communication error.
Does anyone 1) know if the communication is allowed? 2) know how to fix this? I would like to demo the POC online for my client.
Thanks in advance
My issue was with Amazon VPC and the default security group assigned to my RDS instance. By default all outbound activity is set to any protocol and any port for any ip (0.0.0.0/0). Inbound routing, however was specifying only port 3306 but also a custom using-ip that was my home network public ip. I changed the ip specification to be 0.0.0.0/0. This now mean's that any ip can send a request though port 3306 to my Amazon MySQL instance.