Hi Everyone,
We have some code that creates (mySQL) datasources when we create a new customer.
We recently started seeing weird errors about not being able to communicate with the datasource.
Turns out that when we create a datasource that “SSL: true/false” is not being set at all.
As soon as I “hand” choose “false” - the error is fixed.
So my question is how do I use the adminAPI to set this option?
In code we have always had;
customuseSSL = false
But that doesn’t seem to be working for us (Not sure if it ever did)
Thanks.
OS: Ubuntu 18.04.3
Java Version: 11.0.13
Tomcat Version: 8
Lucee Version: 5.3.8.206
What MySQL server version? Anything over 8.0.12 automatically use SSL if setup on server. You can use requireSSL=true or sslMode=…
So, just to be clear I can call AdminAPI.requireSSL / sslMode to set these values when creating a datasource programmatically?
Because that doesn’t seem to be working for me?
Not with the MySQL datasource as requireSSL isn’t there.
Maybe an Other JDBC. You could add to Connection String.
sslMode is the new way for 8.0.13 and higher.
useSSL=true and requireSSL=true is the same as sslMode=REQUIRED
Also SSL will default. useSSL defaults to true and requireSSL defaults to false. This will be the same as sslMode=PREFERRED. If the server isn’t doing SSL, I would assume maybe a server configuration problem.
Hi Robert,
Thanks very much for the reply.
But that is not what I am experiencing, here.
Irrespective of the driver version used the “SSL” and “Verify Server Certificate” options have no value assigned to them : they do not default (at least in the GUI) to anything.
As always thanks!
Gavin Baumanis
E: gavinbaumanis@gmail.com
M**:** 04777 39 294
“Only two things are infinite - the universe, and stupidity. And I’m not sure about the universe”.
-Albert Einstein
The driver defaults. The Admin will just override any defaults.
You can use the “custom” attribute of the CFADMIN tag to control the SSL property.
Here is an example for configuring a MySQL data source. If there is a better way of doing this please share. I am aware of setting data sources in the Application.cfc but am not aware of how to set the SSL setting without using the cfadmin tag.
The big caveat is that depending on your config your code now needs a secure mechanism to have the Lucee admin password available.
<cfset var dbdriver = "MySQL">
<cfset var driver = createObject("component","lucee-server.admin.dbdriver.MySQL")>
<cfset var custom = {
"characterEncoding":"UTF-8",
"useLegacyDatetimeCode":"true",
"allowMultiQueries":"true",
"useOldAliasMetadataBehavior":"true",
"useUnicode":"true",
"useSSL":"false"
}>
<cfadmin action="updateDatasource" type="server" password="YourLuceePassword"
id="#isNull(driver.getId)?'':driver.getId()#"
classname="#driver.getClass()#"
dsn="#driver.getDSN()#"
customParameterSyntax="#isNull(driver.customParameterSyntax)?nullValue():driver.customParameterSyntax()#"
literalTimestampWithTSOffset="#isNull(driver.literalTimestampWithTSOffset)?false:driver.literalTimestampWithTSOffset()#"
alwaysSetTimeout="#isNull(driver.alwaysSetTimeout)?false:driver.alwaysSetTimeout()#"
requestExclusive="false"
alwaysResetConnections="false"
name="YourDataSourceName"
newName="YourDataSourceName"
host="YourMySQLHostname"
database="YourDatabase"
port="3306"
dbusername="db_username"
dbpassword="db_password"
connectionLimit="100"
connectionTimeout="1"
blob="false"
clob="false"
validate="false"
storage="false"
allowed_select="true"
allowed_insert="true"
allowed_update="true"
allowed_delete="true"
allowed_alter="true"
allowed_drop="true"
allowed_revoke="false"
allowed_create="true"
allowed_grant="false"
verify="false"
custom="#custom#"
dbdriver="#dbdriver#"
>
1 Like
Thanks
Your code works for me - useSSL - correctly sets the option - and is verified in the web admin UI.
Any ideas what the correct key for verify server is? I have tried;
“verifyServerCertificate”:“false”,
But that isn’t working 
Thanks again.
Is it the verify attribute on the cfadmin tag?
edit: or perhaps the validate attribute?
