Forced TLS V1.1 while connecting to digitalocean DB

[Sekator500v2]

1. Driver is: MySQL
2. Build is: 132
3. You just need to set SSL mode to REQUIRED and try to connect to any DB hosted on digitalocean

Then you will receive an error "Invalid SSL" without any explanation. I've tried to connect using mysql shell and everything is fine SSL working OK.

Then I've captured all traffic using WireShark and I see that your program trying to connect using deprecated TLS v1.1 and ofcourse server rejected connection.

So is there any chance to set desired TLS version?

P.S. Seems like Mac version doesn't have this problem. Cuz my friend successfully connected to the same base.

[huyphams]

Tablelus Windows uses Open SSL 1.0.2o so it should support TLS 1.2, let me check if there is a way to use the latest TLS. thanks @Sekator500v2

[Sekator500v2]

Thanks a lot. When you have some beta or nightly build just let me know. I will check it very quickly.

[huyphams]

Hi @Sekator500v2 if you have a chance, please try this patch: https://www.dropbox.com/s/eqztxlh2bai0lyd/TablePlusUpdate.exe?dl=0

[Sekator500v2]

Hi, thanks but didn't work. See screenshot, same result.

[Sekator500v2]

I went through the code and I see that libmysql.dll has only TLS V1 & V1.1. It is really hard to disassemble and maybe I’m wrong. But is there any chance you can update this lib? Also, version is 5.7.24

[huyphams]

I can confirm that the current MySQL lib which was distributed by Oracle only supports v1 and v1.1 and they said that if we want to support v1.2 we must build ourselves (compile MySQL from source) I will try to compile the source and get back to you soon. Thanks!

[huyphams]

[huyphams]

Hi @Sekator500v2 please install this hotpatch: https://www.dropbox.com/s/eqztxlh2bai0lyd/TablePlusUpdate.exe?dl=0 and then change the SSL mode to PREFERRED TablePlus now supports TLS 1.2, please let me know if you're still seeing the issue.

[Sekator500v2]

Yep, it’s working now! And according to WireShark is TLS v1.2 Thanks a lot!