Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
Roman Morozov2019-04-19 21:57:07
MySQL
Roman Morozov, 2019-04-19 21:57:07

How to correctly attach a security certificate (SSL) to HikariCP Mysql connection to a Java base?

My cloud, where the mysql cluster is located, only allows you to connect using an SSL certificate. The application that needs to connect to the database connects to the database through a connection pool - HikariCP.
I use:
Mysql 5.7
Java 8
HikariCP 3.3.1

try {
      DatabaseConfig.DATABASE_DRIVER.newInstance();
    }
    catch (Exception e) {
      log.error("[MySQLDatabaseFactory]: Error obtaining DB driver", e);
      throw new Error("[MySQLDatabaseFactory]: DB Driver doesnt exist!");
    }

    HikariConfig config = new HikariConfig();
    config.setMaximumPoolSize(DatabaseConfig.DATABASE_CONNECTIONS_MAX);
    config.setConnectionTimeout(DatabaseConfig.DATABASE_TIMEOUT);
    config.setDataSourceClassName(DatabaseConfig.DATABASE_DRIVER.getName());
    config.addDataSourceProperty("url", DatabaseConfig.DATABASE_URL);
    config.addDataSourceProperty("user", DatabaseConfig.DATABASE_USER);
    config.addDataSourceProperty("password", DatabaseConfig.DATABASE_PASSWORD);

    dataSource = new HikariDataSource(config);

    try {
      Connection c = getConnection();
      DatabaseMetaData dmd = c.getMetaData();
      databaseName = dmd.getDatabaseProductName();
      c.close();
    }
    catch (Exception e) {
      log.error("[MySQLDatabaseFactory]: Error with connection string: " + DatabaseConfig.DATABASE_URL, e);
      throw new Error("[MySQLDatabaseFactory]: DatabaseFactory not initialized!");
    }

    log.info("Successfully connected to database");

I can't connect using an SSL certificate - .pem extension Please tell me
how to do it right.
Error when starting without specified SSL
Mistake
2019-04-19 21:49:52,644 HikariPool-1 - Exception during pool initialization.
com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure

The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
  at com.mysql.cj.jdbc.exceptions.SQLError.createCommunicationsException(SQLError.java:174)
  at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:64)
  at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:832)
  at com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:456)
  at com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:240)
  at com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:207)
  at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:393)
  at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:125)
  at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:110)
  at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:353)
  at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:201)
  at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:473)
  at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:562)
  at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:115)
  at com.zaxxer.hikari.HikariDataSource.<init>(HikariDataSource.java:81)
Caused by: com.mysql.cj.exceptions.CJCommunicationsException: Communications link failure

The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:61)
  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:105)
  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:151)
  at com.mysql.cj.exceptions.ExceptionFactory.createCommunicationsException(ExceptionFactory.java:167)
  at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:351)
  at com.mysql.cj.protocol.a.NativeAuthenticationProvider.negotiateSSLConnection(NativeAuthenticationProvider.java:796)
  at com.mysql.cj.protocol.a.NativeAuthenticationProvider.proceedHandshakeWithPluggableAuthentication(NativeAuthenticationProvider.java:503)
  at com.mysql.cj.protocol.a.NativeAuthenticationProvider.connect(NativeAuthenticationProvider.java:220)
  at com.mysql.cj.protocol.a.NativeProtocol.connect(NativeProtocol.java:1443)
  at com.mysql.cj.NativeSession.connect(NativeSession.java:165)
  at com.mysql.cj.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:952)
  at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:822)
  ... 14 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
  at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
  at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
  at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
  at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
  at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
  at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
  at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
  at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
  at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
  at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
  at com.mysql.cj.protocol.ExportControlled.performTlsHandshake(ExportControlled.java:315)
  at com.mysql.cj.protocol.StandardSocketFactory.performTlsHandshake(StandardSocketFactory.java:206)
  at com.mysql.cj.protocol.a.NativeSocketConnection.performTlsHandshake(NativeSocketConnection.java:99)
  at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:347)
  ... 21 common frames omitted

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
E
Eugene2019-10-15 23:20:51
What engine does snik.co run on? 2Reply
Z
zhandosbai2015-06-24 21:12:30
User region specifier for Yii, which one to choose? 3Reply
Q
Questions00012021-05-07 16:07:05
How to bypass intrusive Youtube ads? ad blockers don't help. You need to switch to a paid plan to stop ads. What can be done? 4Reply
A
Alexander Reshetnyak2017-06-17 19:35:05
Which Blender plugin is better for creating sprites for games? 1Reply
R
ReD2017-06-20 15:59:52
mod_rewrite module is now integrated into Apache? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question