mysql, amazon-web-services, ssl, amazon-rds

Unable to connect Visual Basic application over SSL to AWS RDS Instance


I've recently created a new RDS instance and am trying to edit a Visual Basic application to access the MySQL 8.0 database using an SSL connection.

Server side, everything seems to be okay. I have enabled require_secure_transport and have confirmed that I am able to connect via command line when supplying the cert file:

mysql -h database.server.123b234.ap-southeast-2.rds.amazonaws.com -u user --ssl-ca=rds-combined-ca-bundle.pem --ssl-mode=REQUIRED -P 3306 -p

The Visual Basic application I am modifying is using a MySql.Data.dll library package with .NET framework at 6.7.4.0 in Visual Studio 2010. I have been playing around with the connection string, but I seem to consistently be receiving an exception "A call to SSPI failed, see inner exception" and the inner exception being: "The function requested is not supported".

My connection string is:

myConnStr = "Server=database.server.123b234.ap-southeast-2.rds.amazonaws.com;" _
                & "uid=user;" _
                & "pwd=password;" _
                & "Port=3306;" _
                & "Allow Zero Datetime=true;" _
                & "CharSet=" & "utf8;" _
                & "SSL Mode=Required"

' add to conn object
conn.ConnectionString = myConnStr
conn.Open()

' exception thrown on next step through code

I have been trying to figure out how to add the rds-combined-ca-bundle.pem certificate to the connection string, but each time I try and add ssl-ca or sslca to the connection string with the RDS certificate specified, I receive an exception stating that the option does not exist.

Stack trace from SSPI exception:

System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The function requested is not supported
   --- End of inner exception stack trace ---

and

   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest, Boolean renegotiation)
   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest, Boolean renegotiation)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
   at MySql.Data.MySqlClient.NativeDriver.StartSSL()
   at MySql.Data.MySqlClient.NativeDriver.Open()
   at MySql.Data.MySqlClient.Driver.Open()
   at MySql.Data.MySqlClient.Driver.Create(MySqlConnectionStringBuilder settings)
   at MySql.Data.MySqlClient.MySqlPool.CreateNewPooledConnection()
   at MySql.Data.MySqlClient.MySqlPool.GetPooledConnection()
   at MySql.Data.MySqlClient.MySqlPool.TryToGetDriver()
   at MySql.Data.MySqlClient.MySqlPool.GetConnection()
   at MySql.Data.MySqlClient.MySqlConnection.Open()

Solution

  • Solved.

    I ended up upgrading the project's .NET Framework to v4.8, updating the MySQL connector version (this was a pain) and moving to Visual Studio 2022. All works well now. Hopefully this will help someone down the line too.
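
An added example, not part of the original question or answer: once the connector is upgraded as the answer describes, `SSL Mode=Required` encrypts the session but does not validate the server certificate, so this sketch uses `VerifyFull` and then asks the server what the session negotiated. It assumes a current MySql.Data release and that the CA certificates from rds-combined-ca-bundle.pem have been imported into the Windows trusted root store; the module name, function names and the `RDS_DB_PASSWORD` environment variable are hypothetical.

```vb
Imports System
Imports System.Collections.Generic
Imports MySql.Data.MySqlClient

Module RdsTlsCheck
    ' Build the connection with certificate and host-name validation enabled.
    Function BuildConnection(host As String, user As String, password As String) As MySqlConnection
        Dim b As New MySqlConnectionStringBuilder()
        b.Server = host
        b.Port = 3306UI
        b.UserID = user
        b.Password = password
        b.AllowZeroDateTime = True
        b.CharacterSet = "utf8"
        ' Required only encrypts; VerifyFull also validates the chain and host name.
        b.SslMode = MySqlSslMode.VerifyFull
        Return New MySqlConnection(b.ConnectionString)
    End Function

    ' Ask the server which protocol and cipher this session negotiated.
    Function TlsStatus(conn As MySqlConnection) As Dictionary(Of String, String)
        Dim status As New Dictionary(Of String, String)()
        Const sql As String = "SHOW SESSION STATUS WHERE Variable_name IN ('Ssl_version', 'Ssl_cipher')"
        Using cmd As New MySqlCommand(sql, conn)
            Using reader As MySqlDataReader = cmd.ExecuteReader()
                While reader.Read()
                    status(reader.GetString(0)) = reader.GetString(1)
                End While
            End Using
        End Using
        Return status
    End Function

    Sub Main()
        ' RDS_DB_PASSWORD is a hypothetical variable name; it keeps the secret out of source.
        Dim password As String = Environment.GetEnvironmentVariable("RDS_DB_PASSWORD")
        Using conn As MySqlConnection = BuildConnection("database.server.123b234.ap-southeast-2.rds.amazonaws.com", "user", password)
            conn.Open()
            Dim status As Dictionary(Of String, String) = TlsStatus(conn)
            Dim cipher As String = Nothing
            ' An empty Ssl_cipher means the session is not encrypted: fail closed.
            If Not status.TryGetValue("Ssl_cipher", cipher) OrElse String.IsNullOrEmpty(cipher) Then
                Throw New InvalidOperationException("Session is not encrypted")
            End If
            Console.WriteLine("Negotiated {0} with {1}", status("Ssl_version"), cipher)
        End Using
    End Sub
End Module
```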