Hi,
As Edwin explained you can get direct support from Oracle's MySQL support team which would provide you all the info and guidance you need.
But, I can tell you right now this is the expected default behavior. Let me explain:
MySQL 8.0 comes with `caching_sha2_password` as default authentication plugin. You can read all about it in MySQL documentation page
https://dev.mysql.com/doc/refman/8.0/en/caching-sha2-pluggable-authentication.html. Note that, right in the beginning of this page, in the "Important" notes, you can read:
> "To connect to the server using an account that authenticates with the caching_sha2_password plugin, you must use either a secure connection or an unencrypted connection that supports password exchange using an RSA key pair (...)"
So, since you are disabling SSL in your connection string (`useSSL=false`) you are not being able to authenticate, but, as soon as you successfully authenticate once, wherever from, then your Java application also connects successfully. This is so because of the "caching" aspect of `caching_sha2_password`, in which one successful authentication makes the following ones go through a simpler and faster path that doesn't require SSL at all.
The reason why you are not getting better error messages from the connector is because you also have `autoReconnect=true&maxReconnects=3`, which is hiding the real cause of the connection failure. I recommend disabling auto reconnects while you debug your code.
My advice to you would be:
1. Don't disable SSL. Configure it properly in the server (note that MySQL 8.0 comes with all basic SSL settings enabled and configured by default) and let the client use SSL by removing the option `useSSL=false` from your connection string.
2. If you are OK with or even require non encrypted connections, then you can still use the default authentication plugin (`caching_sha2_password`) but you should let the server keep its default security configurations (or do your own) and add `allowPublicKeyRetrieval=true` to your connection string. This will make the authentication work even if the user credentials are not yet cached.
3. If configuring the security settings in the server is an issue for you and you prefer not to do it, your last option is to change the authentication plugin for the user(s) connecting through Connector/J to `mysql_native_password`.
IHTH