Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
Roman Morozov2019-04-19 21:57:07
MySQL
Roman Morozov, 2019-04-19 21:57:07

How to correctly attach a security certificate (SSL) to HikariCP Mysql connection to a Java base?

My cloud, where the mysql cluster is located, only allows you to connect using an SSL certificate. The application that needs to connect to the database connects to the database through a connection pool - HikariCP.
I use:
Mysql 5.7
Java 8
HikariCP 3.3.1

try {
      DatabaseConfig.DATABASE_DRIVER.newInstance();
    }
    catch (Exception e) {
      log.error("[MySQLDatabaseFactory]: Error obtaining DB driver", e);
      throw new Error("[MySQLDatabaseFactory]: DB Driver doesnt exist!");
    }

    HikariConfig config = new HikariConfig();
    config.setMaximumPoolSize(DatabaseConfig.DATABASE_CONNECTIONS_MAX);
    config.setConnectionTimeout(DatabaseConfig.DATABASE_TIMEOUT);
    config.setDataSourceClassName(DatabaseConfig.DATABASE_DRIVER.getName());
    config.addDataSourceProperty("url", DatabaseConfig.DATABASE_URL);
    config.addDataSourceProperty("user", DatabaseConfig.DATABASE_USER);
    config.addDataSourceProperty("password", DatabaseConfig.DATABASE_PASSWORD);

    dataSource = new HikariDataSource(config);

    try {
      Connection c = getConnection();
      DatabaseMetaData dmd = c.getMetaData();
      databaseName = dmd.getDatabaseProductName();
      c.close();
    }
    catch (Exception e) {
      log.error("[MySQLDatabaseFactory]: Error with connection string: " + DatabaseConfig.DATABASE_URL, e);
      throw new Error("[MySQLDatabaseFactory]: DatabaseFactory not initialized!");
    }

    log.info("Successfully connected to database");

I can't connect using an SSL certificate - .pem extension Please tell me
how to do it right.
Error when starting without specified SSL
Mistake
2019-04-19 21:49:52,644 HikariPool-1 - Exception during pool initialization.
com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure

The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
  at com.mysql.cj.jdbc.exceptions.SQLError.createCommunicationsException(SQLError.java:174)
  at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:64)
  at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:832)
  at com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:456)
  at com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:240)
  at com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:207)
  at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:393)
  at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:125)
  at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:110)
  at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:353)
  at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:201)
  at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:473)
  at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:562)
  at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:115)
  at com.zaxxer.hikari.HikariDataSource.<init>(HikariDataSource.java:81)
Caused by: com.mysql.cj.exceptions.CJCommunicationsException: Communications link failure

The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:61)
  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:105)
  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:151)
  at com.mysql.cj.exceptions.ExceptionFactory.createCommunicationsException(ExceptionFactory.java:167)
  at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:351)
  at com.mysql.cj.protocol.a.NativeAuthenticationProvider.negotiateSSLConnection(NativeAuthenticationProvider.java:796)
  at com.mysql.cj.protocol.a.NativeAuthenticationProvider.proceedHandshakeWithPluggableAuthentication(NativeAuthenticationProvider.java:503)
  at com.mysql.cj.protocol.a.NativeAuthenticationProvider.connect(NativeAuthenticationProvider.java:220)
  at com.mysql.cj.protocol.a.NativeProtocol.connect(NativeProtocol.java:1443)
  at com.mysql.cj.NativeSession.connect(NativeSession.java:165)
  at com.mysql.cj.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:952)
  at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:822)
  ... 14 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
  at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
  at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
  at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
  at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
  at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
  at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
  at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
  at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
  at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
  at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
  at com.mysql.cj.protocol.ExportControlled.performTlsHandshake(ExportControlled.java:315)
  at com.mysql.cj.protocol.StandardSocketFactory.performTlsHandshake(StandardSocketFactory.java:206)
  at com.mysql.cj.protocol.a.NativeSocketConnection.performTlsHandshake(NativeSocketConnection.java:99)
  at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:347)
  ... 21 common frames omitted

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
A
Anholle2019-09-09 11:37:42
How to set up a filter in the feedback form? 0Reply
A
Anton Zolotarev2015-04-20 17:51:12
How to make 2 conditions in Apache - Rewrite rule? 4Reply
C
CarfikDK2020-10-01 11:28:14
Is disclosing a user's IP legal? 4Reply
7
7a-6662022-02-05 17:26:31
How to get to the runserver that was launched inside the container from the browser? 2Reply
K
Kratko632020-10-15 12:48:58
How to make a MySQL SELECT query from 2 tables based on multiple values? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question