(yet another) SSL connection problem - Mailing list pgsql-jdbc
| From | Vic Simkus |
|---|---|
| Subject | (yet another) SSL connection problem |
| Date | |
| Msg-id | 489B4C29.3060701@uic.edu Whole thread Raw |
| Responses |
Re: (yet another) SSL connection problem
|
| List | pgsql-jdbc |
Hello I'm having trouble connecting to a server via SSL using the JDBC driver. I'm able to connect to the server using pgadmin and psql, so the problem seems to be rooted in Java. We have our own local, private CA here that we use for things just like this. I generated a key and cert request using key tool and then signed the request. I also added the CA cert to the key store. After all that the key store looks like this: pgsql, Aug 7, 2008, keyEntry, Certificate fingerprint (MD5): FA:4A:DB:E1:A6:14:C1:52:48:DB:AA:53:B0:65:88:BF local_ca, Aug 7, 2008, trustedCertEntry, Certificate fingerprint (MD5): BD:4C:AE:FC:5B:75:A1:50:93:C8:AB:5D:76:80:30:04 When I try to connect the connection fails with the an exception that is at the end of the email. The server log shows: 2008-08-07 14:17:12 CDT LOG: 08P01: could not accept SSL connection: peer did not return a certificate 2008-08-07 14:17:12 CDT LOCATION: open_server_SSL, be-secure.c:902 For fun, I cloned the "pgsql" keyEntry and named the clone "mykey". I also imported the server cert.... mykey, Aug 7, 2008, keyEntry, Certificate fingerprint (MD5): FA:4A:DB:E1:A6:14:C1:52:48:DB:AA:53:B0:65:88:BF pgsql, Aug 7, 2008, keyEntry, Certificate fingerprint (MD5): FA:4A:DB:E1:A6:14:C1:52:48:DB:AA:53:B0:65:88:BF local_ca, Aug 7, 2008, trustedCertEntry, Certificate fingerprint (MD5): BD:4C:AE:FC:5B:75:A1:50:93:C8:AB:5D:76:80:30:04 dbdev-server-cert, Aug 7, 2008, trustedCertEntry, Certificate fingerprint (MD5): EE:C5:F8:EA:72:0F:5C:D7:8A:F4:38:6F:8C:CD:6C:54 Same problem persists. I'm running postgres 8.2.6, Java 1.5.0_13, and the JDBC driver postgresql-8.3-603.jdbc3.jar Any help would be appreciated. Thanks Vic Exception listing: [14:17:12.817] Caused by: org.postgresql.util.PSQLException: The connection attempt failed. [14:17:12.817] at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:137) [14:17:12.817] at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:66) [14:17:12.817] at org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:124) [14:17:12.817] at org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:30) [14:17:12.817] at org.postgresql.jdbc3.Jdbc3Connection.<init>(Jdbc3Connection.java:24) [14:17:12.817] at org.postgresql.Driver.makeConnection(Driver.java:386) [14:17:12.817] at org.postgresql.Driver.connect(Driver.java:260) [14:17:12.817] at java.sql.DriverManager.getConnection(DriverManager.java:525) [14:17:12.817] at java.sql.DriverManager.getConnection(DriverManager.java:171) [14:17:12.817] at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:83) [14:17:12.817] at org.postgresql.ds.PGConnectionPoolDataSource.getPooledConnection(PGConnectionPoolDataSource.java:72) [14:17:12.817] at com.caucho.sql.DriverConfig.createPooledConnection(DriverConfig.java:586) [14:17:12.817] at com.caucho.sql.ManagedConnectionImpl.initDriverConnection(ManagedConnectionImpl.java:245) [14:17:12.817] at com.caucho.sql.ManagedConnectionImpl.<init>(ManagedConnectionImpl.java:141) [14:17:12.817] at com.caucho.sql.ManagedFactoryImpl.createManagedConnection(ManagedFactoryImpl.java:139) [14:17:12.817] at com.caucho.jca.ConnectionPool.create(ConnectionPool.java:926) [14:17:12.817] at com.caucho.jca.ConnectionPool.allocatePool(ConnectionPool.java:795) [14:17:12.817] at com.caucho.jca.ConnectionPool.allocate(ConnectionPool.java:756) [14:17:12.817] at com.caucho.jca.ConnectionPool.allocateConnection(ConnectionPool.java:567) [14:17:12.817] at com.caucho.sql.DataSourceImpl.getConnection(DataSourceImpl.java:65) [14:17:12.817] at com.caucho.sql.DBPool.getConnection(DBPool.java:701) [14:17:12.817] at org.hibernate.connection.DatasourceConnectionProvider.getConnection(DatasourceConnectionProvider.java:69) [14:17:12.817] at org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:423) [14:17:12.817] ... 41 more [14:17:12.817] Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure [14:17:12.817] at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) [14:17:12.817] at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117) [14:17:12.817] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1584) [14:17:12.817] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:866) [14:17:12.817] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1366) [14:17:12.817] at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:103) [14:17:12.817] at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:590) [14:17:12.817] at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:698) [14:17:12.817] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:624) [14:17:12.817] at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:160) [14:17:12.817] at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) [14:17:12.817] at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) [14:17:12.817] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818) [14:17:12.817] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030) [14:17:12.817] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622) [14:17:12.817] at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) [14:17:12.817] at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65) [14:17:12.817] at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) [14:17:12.817] at org.postgresql.core.PGStream.flush(PGStream.java:508) [14:17:12.817] at org.postgresql.core.v3.ConnectionFactoryImpl.sendStartupPacket(ConnectionFactoryImpl.java:244) [14:17:12.817] at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:92) [14:17:12.817] ... 63 more -- Vic Simkus Department of Neurology, UIC 912 South Wood St. Room 855N Chicago IL 60612
pgsql-jdbc by date: