Receive "Bad handshake" error when connect MSQL in Azure from custom database section

When I use Login script in database action scripts, MySQL cannot be connected.

My node code is as follows:

function login(userName, password, callback) {
  const mysql = require('mysql');
  const bcrypt = require('bcrypt');
  const azureCa = "...";

  const connection = mysql.createConnection({
    host: '...',
    port: '3306',
    user: '...',
    password: '...',
    database: '...',
    ssl: {
      ca: azureCa,
      rejectUnauthorized: false
    },
    insecureAuth: true
  });

  connection.connect();

  const query = 'SELECT id, username, password FROM tb_user WHERE username = ?';

  connection.query(query, [ userName ], function(err, results) {
    if (err) return callback(err);
    if (results.length === 0) return callback(new WrongUsernameOrPasswordError(userName));
    const user = results[0];

    bcrypt.compare(password, user.password, function(err, isValid) {
      if (err || !isValid) return callback(err || new WrongUsernameOrPasswordError(user));

      return callback(null, {
        user_id: user.id,
        username: user.username
      });
    });
  });
}

Error returned:

ER_HANDSHAKE_ERROR: Bad handshake

Do I need to add any configuration or do some action to solve this problem?

Hi @tianjun.zhou,

It looks like another user solved a similar issue by hardcoding the cert. Here is the related topic with more info:

Hi @dan.woda ,
Thank you for your reply. However, the code I showed above has already hardcoded the cert according to the solution of issue provided by you, but it still reports an error: bad handshake.

Can you please provide an example (scrubbed of sensitive info) of the formatting you are using for the cert?

“-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n…\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n”

Have you tried connecting to your DB from a node app? That can help us narrow this to the MySQL server config or the Auth0 Custom DB script.