Skip navigation links

MySQL Forums :: Connector/JDBC and Java :: verifyServerCertificate

Advanced Search

Posted by: Ivan Cordon ()
Date: September 20, 2013 01:50AM


I'm trying to use verifyServerCertificate to verify the origin server.

From the command line this works but from jdbc this option doesn't work, not applied:

Command line:

(whit --ssl-verify-server-cert)

mysql --ssl-ca=ca.pem --ssl-cert=cert_user_cliente.pem --ssl-key=privkey_user_cliente.pem --ssl-verify-server-cert -u db_user -p -h ""

Enter password: ****
ERROR 2026 (HY000): SSL connection error: SSL certificate validation failure

(whitout --ssl-verify-server-cert)

Enter password: ****
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.6.13 MySQL Community Server (GPL)

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


Now from jdbc:

System.setProperty ("" ,keystore );
System. setProperty( "", passKey);
System. setProperty( "", truststore );
System. setProperty( "", passTrust );
try {
Class. forName( "com.mysql.jdbc.Driver");

String url = "jdbc:mysql://localhost:3306/" + bd +
"?useSSL=true&requireSSL=true&verifyServerCertificate=true" ;

conn = DriverManager. getConnection(url, usuario, password);


URL: jdbc:mysql://localhost:3306/test?useSSL=true&requireSSL=true&verifyServerCertificate=true
Connection: com.mysql.jdbc.JDBC4Connection@1c1474ea

This not works or I'm doing anything wrong?
I'm using MySQL server 5.6 and mysql-connector-java-5.1.26.bin.jar

Thanks in advance

Options: ReplyQuote

Subject Written By Posted
verifyServerCertificate Ivan Cordon 09/20/2013 01:50AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.