How to Fix the 'TLS requested but server does not support TLS' Error with Google Cloud SQL (2nd Generation) and App Engine?

Troubleshooting "TLS requested but server does not support TLS" Error with Google Cloud SQL (2nd Generation) and Google App Engine

Reconnecting to Google Cloud SQL using an established connection string may cause issues when transitioning from generation one to generation two instances. App Engine and Cloud SQL employ different connection parameters between these generations, leading to the "TLS requested but server does not support TLS" error.

The Cause:

Generation two Cloud SQL instances do not support MySQL-level SSL communication with App Engine Standard Environment. While communication between App Engine and Cloud SQL is already encrypted, MySQL-level SSL adds minimal value to the security.

The Solution:

At present, there is no direct solution to enable MySQL-level SSL between App Engine Standard Environment and Cloud SQL second generation instances. The App Engine team is exploring the possibility of providing support for this in the future.

Alternative Approach:

One alternative to MySQL-level SSL is to implement transport-level encryption through IP whitelisting or private Google Access. This method ensures secure communication between App Engine and Cloud SQL without relying on SSL. Refer to the Google Cloud SQL documentation for more information on IP whitelisting and private Google Access.

The above is the detailed content of How to Fix the 'TLS requested but server does not support TLS' Error with Google Cloud SQL (2nd Generation) and App Engine?. For more information, please follow other related articles on the PHP Chinese website!