verifyServerCertificate
Posted by:
Ivan Cordon
Date: September 20, 2013 01:50AM
Hi
I'm trying to use verifyServerCertificate to verify the origin server.
From the command line this works but from jdbc this option doesn't work, not applied:
Command line:
(whit --ssl-verify-server-cert)
mysql --ssl-ca=ca.pem --ssl-cert=cert_user_cliente.pem --ssl-key=privkey_user_cliente.pem --ssl-verify-server-cert -u db_user -p -h "127.0.0.1"
Enter password: ****
ERROR 2026 (HY000): SSL connection error: SSL certificate validation failure
(whitout --ssl-verify-server-cert)
Enter password: ****
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.6.13 MySQL Community Server (GPL)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Now from jdbc:
System.setProperty ("javax.net.ssl.keyStore" ,keystore );
System. setProperty( "javax.net.ssl.keyStorePassword", passKey);
//System.setProperty("javax.net.ssl.keyStoreType","pkcs12");
System. setProperty( "javax.net.ssl.trustStore", truststore );
System. setProperty( "javax.net.ssl.trustStorePassword", passTrust );
//System.setProperty("javax.net.debug","all");
try {
Class. forName( "com.mysql.jdbc.Driver");
String url = "jdbc:mysql://localhost:3306/" + bd +
"?useSSL=true&requireSSL=true&verifyServerCertificate=true" ;
conn = DriverManager. getConnection(url, usuario, password);
Result:
URL: jdbc:mysql://localhost:3306/test?useSSL=true&requireSSL=true&verifyServerCertificate=true
Connection: com.mysql.jdbc.JDBC4Connection@1c1474ea
This not works or I'm doing anything wrong?
I'm using MySQL server 5.6 and mysql-connector-java-5.1.26.bin.jar
Thanks in advance
Subject
Written By
Posted
verifyServerCertificate
September 20, 2013 01:50AM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.