Summary

Upgrading from MySQL5.7 to MySQL8 for being compliant with the new Supported Platforms restrictions in Confluence, triggers warning messages related to 'mysql_native_password' plugin. 

Environment

Confluence 7.19 or Confluence 8 

MySQL 8

Diagnosis

In the MySQL logs, the following warning can be observed after starting to use MySQL v8:

2024-02-26T09:56:15.444623Z 9 [Warning] [MY-013360] [Server] Plugin mysql_native_password reported: ''mysql_native_password' is deprecated and will be removed in a future release. Please use caching_sha2_password instead'

Cause

 mysql_native_password is considered weak compared to more modern authentication methods like the default caching_sha2_password. This authentication method is marked as deprecated since MySQL 8.0.34 as officially mentioned in here and fully removed starting in MySQL v9.0 as stated in the following Oracle blogpost: MySQL 9.0 – it’s time to abandon the weak authentication method

Solution

caching_sha2_password plugin is supported by MySQL since MySQL Driver 8.0.9 as officially stated in their own documentation: MySQL Connector/J Release Notes >  Changes in MySQL Connector/J 8.0.9 (2018-01-30, Release Candidate)

To connect to the server using an account that authenticates with the caching_sha2_password plugin, you must use either a secure connection or an unencrypted connection that supports password exchange using an RSA key pair. You can read more about configuring MySQL with SSL in their documentation Connecting Securely Using SSL. Either way, the caching_sha2_password plugin uses MySQL's encryption capabilities. See Section 8.3, “Using Encrypted Connections”.

From Confluence's point of view, there is no impediment that prevents this configuration to work as long as it is properly configured in the database side.