1.2k questions
1.4k answers
361 comments
339 users
When you see this it is likely the server or a user on the server is configured to use the new dafult caching_sha2_password method, but the client that attempted the connection either does not support it or was not configured properly to support the caching_sha2_password method.
To fix this some configuration may be needed on the server and or client to use the same authentication method.
Below are suggestion to use the legacy mysql_native_password method. To use the new default caching_sha2_password please see the MySql documentation for details.
1. Reconfigure the server by adding this to your MySql configuration file:
default_authentication_plugin=mysql_native_password
or
2. Create or alter the user used to connect to the QIE database using a query like:
CREATE USER '[qie user]'@'localhost' IDENTIFIED WITH mysql_native_password BY '[qie password]';
ALTER USER '[qie user]'@'localhost' IDENTIFIED WITH mysql_native_password BY '[qie password]';
Additional details:
MySql 8 changed the default authentication method from mysql_native_password to caching_sha2_password.
As stated here: https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/news-8-0-9.html
"Connector/J now supports the new caching_sha2_password authentication plugin, which is the default authentication plugin for MySQL 8.0.4 and later (see Caching SHA-2 Pluggable Authentication for details).
Note:
To authenticate accounts with the caching_sha2_password plugin, either a secure connection to the server using SSL or an unencrypted connection that supports password exchange using an RSA key pair (enabled by setting one or both of the connecting properties allowPublicKeyRetrieval and serverRSAPublicKeyFile) must be used.
Because earlier versions of Connector/J 8.0 do not support the caching_sha2_password authentication plugin and therefore will not be able to connect to accounts that authenticate with the new plugin (which might include the root account created by default during a new installation of a MySQL 8.0 Server), it is highly recommended that you upgrade now to Connector/J 8.0.9, to help ensure that your applications continue to work smoothly with the latest MySQL 8.0 Server."
The installation wizard includes a step to choose between the new default "Use Strong Password Encryption (RECOMMENDED)" and "Use Legacy Authentication Method (Retain MySql 5.x Compatibility)".
Client support was added to:
MySql Connector/j version 5.7.23
MariaDB Connector/j version 2.5
QIE shipped with:
QIE version .48
MySql Connector/j version 5.1.30
MariaDB Connector/j version 2.2.5
QIE version .49
MySql Connector/j version 8.0.20
MariaDB Connector/j version 2.6.0
Note: Other versions of the above drivers may have been loaded via the external libraries.
Resources:
https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html
https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/news-8-0-9.html
https://dev.mysql.com/doc/refman/8.0/en/caching-sha2-pluggable-authentication.html
https://dev.mysql.com/doc/connector-j/8.0/en/connector-j-reference-using-ssl.html
https://dev.mysql.com/doc/refman/8.0/en/native-pluggable-authentication.html
https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html
https://dev.mysql.com/doc/refman/8.0/en/pluggable-authentication.html
https://dev.mysql.com/doc/refman/8.0/en/mysql-installer-workflow.html
https://dev.mysql.com/doc/refman/8.0/en/osx-installation-pkg.html
https://mariadb.com/kb/en/about-mariadb-connector-j/
https://mariadb.com/resources/blog/whats-new-in-mariadb-connector-j-2-5/
