Skip navigation links

MySQL Forums :: Connector/JDBC and Java :: verifyServerCertificate


Advanced Search

verifyServerCertificate
Posted by: Ivan Cordon ()
Date: September 20, 2013 01:50AM

Hi

I'm trying to use verifyServerCertificate to verify the origin server.

From the command line this works but from jdbc this option doesn't work, not applied:

Command line:

(whit --ssl-verify-server-cert)

mysql --ssl-ca=ca.pem --ssl-cert=cert_user_cliente.pem --ssl-key=privkey_user_cliente.pem --ssl-verify-server-cert -u db_user -p -h "127.0.0.1"

Enter password: ****
ERROR 2026 (HY000): SSL connection error: SSL certificate validation failure

(whitout --ssl-verify-server-cert)

Enter password: ****
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.6.13 MySQL Community Server (GPL)

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>


Now from jdbc:

System.setProperty ("javax.net.ssl.keyStore" ,keystore );
System. setProperty( "javax.net.ssl.keyStorePassword", passKey);
//System.setProperty("javax.net.ssl.keyStoreType","pkcs12");
System. setProperty( "javax.net.ssl.trustStore", truststore );
System. setProperty( "javax.net.ssl.trustStorePassword", passTrust );
//System.setProperty("javax.net.debug","all");
try {
Class. forName( "com.mysql.jdbc.Driver");

String url = "jdbc:mysql://localhost:3306/" + bd +
"?useSSL=true&requireSSL=true&verifyServerCertificate=true" ;

conn = DriverManager. getConnection(url, usuario, password);

Result:

URL: jdbc:mysql://localhost:3306/test?useSSL=true&requireSSL=true&verifyServerCertificate=true
Connection: com.mysql.jdbc.JDBC4Connection@1c1474ea



This not works or I'm doing anything wrong?
I'm using MySQL server 5.6 and mysql-connector-java-5.1.26.bin.jar



Thanks in advance

Options: ReplyQuote


Subject Written By Posted
verifyServerCertificate Ivan Cordon 09/20/2013 01:50AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.