Authentication failed because the remote party sent a TLS alert: 'ProtocolVersion'

**Software versions**
MySqlConnector version: 2.3.1
Application running on EC2 Windows Server 2022 10.0.20348 N/A Build 20348
Server type (MySQL, MariaDB, Aurora, etc.) and version: AWS Aurora MySQL 3.05.0
.NET version: 6.0.23

**Describe the bug**
I'm connecting to an Aurora cluster with a single instance.

Occasionally there is an exception when opening connections: `Authentication failed because the remote party sent a TLS alert: 'ProtocolVersion'.`

My connection string is as follows:
```
server=db.test.internal;uid=api-test;pwd=*redacted*;database=data;AllowUserVariables=True;SSLMode=required;Pooling=True;ConnectionLifeTime=15
;MaximumPoolsize=20;GuidFormat=Binary16;
```

I was previously on MySQLConnector 2.2.7 but have upgraded to 2.3.1 and the issue still exists.

This issue seems to be related to TLS v1.3. If I change the cluster parameter group "tls_version" setting to "TLSv1.2" then the issue doesn't occur. If I set it to "TLSv1.3" or leave it as default (which is both 1.2 and 1.3) then I get the occasional exception.

I am not certain this issue is MySqlConnector-related, but I'm not sure how to pursue it further. Is there some debug I can enable?

**Exception**

```
`MySqlConnector.MySqlException (0x80004005): SSL Authentication Error
 ---> System.Security.Authentication.AuthenticationException: Authentication failed because the remote party sent a TLS alert: 'ProtocolVersion'.
 ---> System.ComponentModel.Win32Exception (0x80090326): The message received was unexpected or badly formatted.
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at MySqlConnector.Core.ServerSession.InitSslAsync(ProtocolCapabilities serverCapabilities, ConnectionSettings cs, MySqlConnection connection, SslProtocols sslProtocols, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ServerSession.cs:line 1476
   at MySqlConnector.Core.ServerSession.InitSslAsync(ProtocolCapabilities serverCapabilities, ConnectionSettings cs, MySqlConnection connection, SslProtocols sslProtocols, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ServerSession.cs:line 1514
   at MySqlConnector.Core.ServerSession.ConnectAsync(ConnectionSettings cs, MySqlConnection connection, Int64 startingTimestamp, ILoadBalancer loadBalancer, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ServerSession.cs:line 542
   at MySqlConnector.Core.ConnectionPool.ConnectSessionAsync(MySqlConnection connection, Action`4 logMessage, Int64 startingTimestamp, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 493
   at MySqlConnector.Core.ConnectionPool.ConnectSessionAsync(MySqlConnection connection, Action`4 logMessage, Int64 startingTimestamp, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 493
   at MySqlConnector.Core.ConnectionPool.GetSessionAsync(MySqlConnection connection, Int64 startingTimestamp, Int32 timeoutMilliseconds, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 148
   at MySqlConnector.Core.ConnectionPool.GetSessionAsync(MySqlConnection connection, Int64 startingTimestamp, Int32 timeoutMilliseconds, Activity activity, IOBehavior ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/Core/ConnectionPool.cs:line 148
   at MySqlConnector.MySqlConnection.CreateSessionAsync(ConnectionPool pool, Int64 startingTimestamp, Activity activity, Nullable`1 ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/MySqlConnection.cs:line 964
   at MySqlConnector.MySqlConnection.OpenAsync(Nullable`1 ioBehavior, CancellationToken cancellationToken) in /_/src/MySqlConnector/MySqlConnection.cs:line 453
   at Dapper.SqlMapper.QueryAsync[T](IDbConnection cnn, Type effectiveType, CommandDefinition command) in /_/Dapper/SqlMapper.Async.cs:line 418
   at Midgard.Api.DataRepository.GetOnlineStateAsync(Int32 customerId) in D:\a\1\s\midgard\Midgard\Api\DataRepository.cs:line 213`
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Authentication failed because the remote party sent a TLS alert: 'ProtocolVersion' #1407

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Authentication failed because the remote party sent a TLS alert: 'ProtocolVersion' #1407

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions