Can't connect to database

Help and Support Raspberry Pi
21

Agreed, @bighead85. I really don’t want to do this, but at some point I have to make the wife and kids happy.

@dillthedog - I would like encryption enabled, but it is not essential.

The point here is that this is a bone stock Ubuntu 20.04 machine (VM). It is only running MySql (no other packages or config complicating things)… Only possible complication is that I started this server a couple weeks ago on version 19.10 and upgraded to 20.04. I migrated my XBMC (Kodi) database over to it first before the other couple (barely used) dbs I use at home anymore.

20.04 is not being pushed to users currently on 18.04, but that will happen here in a month or so (check the date). What happens when all the other users using Ubuntu as a DB backend start encountering this issue when they upgrade? Are they all going to have to go in and disable SSL on their DB machines?

This seems like a negotiation issue (not one or the other side necessarily “to blame”) and, clearly, Ubuntu has made some design decisions here that are affecting this.

Also, of note, this only seems to affect Kodi running on OSMC (maybe other RPi or Raspbian variants, too?) - so I would think that the OSMC community would want to address this before it becomes a widespread issue - I’m not trying to point myself as a lofty idealist, at this point, I’m just trying to get my good-will annual credits in the spirit of FOSS.

If I had time, I would dig into the source code and see hoe OSMC is connecting that is different, or how the OS may be using a different package or different settings for SSL or some mysql library, but I can’t, at this moment. So, if someone who already has experience developing this platform is available, that would probably be better.

Anyway, this, now, is more of a philosophical post than a technical one, but that’s my $.02.

22

To prevent any misunderstandings, if you’re talking about having the password encrypted while in transit, AFAIK that’s already the default.

“When you connect to a MySQL server, you should use a password. The password is not transmitted as cleartext over the connection.” [https://dev.mysql.com/doc/mysql-security-excerpt/5.7/en/security-against-attack.html]

The encryption under discussion here is of the in-transit data.

23

Sorry, I probably muddied the waters.

What I’m saying is that I don’t like that a stock, default installation of MySQL on Ubuntu is not OOTB compatible with a stock, default installation of OSMC.

I imagine this will become an issue for some number of people once Ubuntu turns on upgrade notifications for 20.04.

I also don’t like that I have to change the MySQL config to a non stock config, but that is another conversation.

I hope this makes sense. I find that sometimes my written communications are not always clear and to the point.

–mobrien118

27

Never played with that myself but if you wanted Kodi to use encryption with MySQL then it has to be configured…

<key>
*Optional*  - SSL setting for MySQL

<cert>
*Optional*  - SSL setting for MySQL

<ca>
*Optional*  - SSL setting for MySQL

<capath>
*Optional*  - SSL setting for MySQL

<ciphers>
*Optional*  - SSL setting for MySQL

https://kodi.wiki/view/Advancedsettings.xml#musicdatabase.2Fvideodatabase

28

Apologies if this has moved on but found this thread troubleshooting a friends setup.

From what I can see so far (and comparing systems) I think the issue is tied to changes in the openSSL version and config shipped with 20.04 rather than MySQL.

The setup in question is using the community MySQL install - same version on his old Mint 19 install as his new Mint 20 install. OSMC was perfectly happy with MySQL on the 19 install (that includes the certificate setup reported above) but not 20.

I haven’t spent any time troubleshooting the versions and config yet myself but if you want SSL setup that’s going to be somewhere to look between the two as well.