MySql 8.x java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed

Questions

Error in remote connection to MySQL 8.0 using mybatis plus to reverse generate entity class codegenerator

Exception in thread "main" java.lang.RuntimeException: java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed
	at com.baomidou.mybatisplus.generator.config.DataSourceConfig.getConn(DataSourceConfig.java:170)
	at com.baomidou.mybatisplus.generator.config.builder.ConfigBuilder.<init>(ConfigBuilder.java:110)
	at com.baomidou.mybatisplus.generator.AutoGenerator.execute(AutoGenerator.java:96)
	at com.dev.docker.config.CodeGenerator.main(CodeGenerator.java:125)
Caused by: java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed
	at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:110)
	at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:97)
	at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:122)
	at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:836)
	at com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:456)
	at com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:246)
	at com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:199)
	at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:677)
	at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:228)
	at com.baomidou.mybatisplus.generator.config.DataSourceConfig.getConn(DataSourceConfig.java:168)
	... 3 more

reason

Official website: https://mysqlconnector.net/connection-options/

         If the user account uses sha256_ Password authentication, transmission must protect the password; TLS is the preferred mechanism, but if it is not available, RSA public key encryption will be used. To specify the RSA public key of the server, use the serverrsapublickeyfile connection string setting, or set allowpublickeyretrieval = true to allow clients to automatically request the public key from the server. Note that allowpublickeyretrieval = true may allow malicious agents to perform mitm attacks to obtain plaintext passwords, so it is false by default and must be explicitly enabled.

         Because allowpublickeyretrieval and allowpublickey retrieval are false by default, it is necessary to add “allowpublickeyretrieval = true” on the JDBC connection

Solutions

Add “allowpublickeyretrieval = true” to JDBC connection

jdbc:mysql://xxxx/xxx?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=UTF-8&useSSL=false&allowPublicKeyRetrieval=true


Read More: