The latest security patch is generating an error due to the way SQL users have been created. The error message below is displayed:
"[Warning] [MY-013360] [Server] Plugin mysql_native_password reported: 'mysql_native_password' is deprecated and will be removed in a future release. Please use caching_sha2_password instead"
This is caused by the MySQL patch (MySQL 8.0.34, released on 2023-07-18, General Availability) which is part of the "Layer7_API_PlatformUpdate_64bit_v10.X-CentOS-2023-07-25" patch.
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-34.html
The mysql_native_password
authentication plugin now is deprecated and subject to removal in a future version of MySQL. CREATE USER
, ALTER USER
, and SET PASSWORD
operations now insert a deprecation warning into the server error log if an account attempts to authenticate using mysql_native_password
as an authentication method. (Bug #35336317)
API Gateway 10.1
The Gateway documentation has been updated with some steps to switch MySQL to use "caching_sha2_password" by default: Using MySQL 8.0 with the Gateway
Existing users needs to be updated in the database and you need to set the password again. To make this switch, follow these steps:
1) In the /etc/my.cnf file, update the following parameter and value from:
default-authentication-plugin=mysql_native_password
to
default-authentication-plugin=caching_sha2_password
2) To ensure that existing Gateway MySQL users are assigned the caching_sha2_password plugin for encryption, use the ALTER USER command.
For example:
ALTER USER 'someuser'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'somepassword';
3) Restart the MySQL database and Gateway for the changes to take effect.
As temporary solution, you can suppress the warning message from the mysqld.log .
1) Edit /etc/my.cnf and add below line under [mysqld] section:
log_error_suppression_list='MY-013360'
an example of how it should like after change:
2) Restart MySQL service to allow new settings to take effect.