I have a free ClearDB account that I got through Heroku (as a resource)
It gives me the
- CA certificate
- Client cert
- Client Key
These are all in .pem format
const fs = require('fs');
const ssl = {
ca: fs.readFileSync('cleardb-ca.pem', "utf-8"),
key: fs.readFileSync('cleardb-key.pem', "utf-8"),
cert: fs.readFileSync('cleardb-cert.pem', "utf-8")
};
const cleardb = mysql.createConnection({
host:"HOST",
user: "USER",
password: "PWD",
database: "DB",
ssl: ssl
});
cleardb.connect((err) => {
if (err) throw err;
console.log('connected!');
});
This keeps throwing
Error: 22928:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:c:\ws\deps\openssl\openssl\ssl\statem\statem_lib.c:1929:
and then the error stacktrace shows an Object like
library: 'SSL routines', function: 'ssl_choose_client_version', reason: 'unsupported protocol', code: 'HANDSHAKE_SSL_ERROR', fatal: true
The SSL routines:ssl_choose_client_version:unsupported error is the same exact error I get when I try connecting to this DB through the MySQL CLI.
I.e. mysql --host=HOST --ssl-capath=. --ssl-cert=cleardb-cert.pem --ssl-key=cleardb-key.pem --user=USER
I'm able to connect through both Node and the CLI if I do not use SSL.
Any idea what's going on here?
Should I really worry that much about using SSL? I've read that if the option for transport security exists, that you should elect to use it.
