Мое облако, где расположен кластер mysql разрешает подключаться только используя SSL сертификат. Приложение которое должно подключаться к базе подключается к базе через пул соединений - HikariCP.
Использую:
Mysql 5.7
Java 8
HikariCP 3.3.1
try {
DatabaseConfig.DATABASE_DRIVER.newInstance();
}
catch (Exception e) {
log.error("[MySQLDatabaseFactory]: Error obtaining DB driver", e);
throw new Error("[MySQLDatabaseFactory]: DB Driver doesnt exist!");
}
HikariConfig config = new HikariConfig();
config.setMaximumPoolSize(DatabaseConfig.DATABASE_CONNECTIONS_MAX);
config.setConnectionTimeout(DatabaseConfig.DATABASE_TIMEOUT);
config.setDataSourceClassName(DatabaseConfig.DATABASE_DRIVER.getName());
config.addDataSourceProperty("url", DatabaseConfig.DATABASE_URL);
config.addDataSourceProperty("user", DatabaseConfig.DATABASE_USER);
config.addDataSourceProperty("password", DatabaseConfig.DATABASE_PASSWORD);
dataSource = new HikariDataSource(config);
try {
Connection c = getConnection();
DatabaseMetaData dmd = c.getMetaData();
databaseName = dmd.getDatabaseProductName();
c.close();
}
catch (Exception e) {
log.error("[MySQLDatabaseFactory]: Error with connection string: " + DatabaseConfig.DATABASE_URL, e);
throw new Error("[MySQLDatabaseFactory]: DatabaseFactory not initialized!");
}
log.info("Successfully connected to database");
Не получается подключить использование SSL сертификата - расширение .pem
Подскажите пожалуйста, как правильно это сделать.
Ошибка возникающая при запуске без указанного SSL
Ошибка2019-04-19 21:49:52,644 HikariPool-1 - Exception during pool initialization.
com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
at com.mysql.cj.jdbc.exceptions.SQLError.createCommunicationsException(SQLError.java:174)
at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:64)
at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:832)
at com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:456)
at com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:240)
at com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:207)
at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:393)
at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:125)
at com.mysql.cj.jdbc.MysqlDataSource.getConnection(MysqlDataSource.java:110)
at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:353)
at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:201)
at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:473)
at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:562)
at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:115)
at com.zaxxer.hikari.HikariDataSource.<init>(HikariDataSource.java:81)
Caused by: com.mysql.cj.exceptions.CJCommunicationsException: Communications link failure
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:61)
at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:105)
at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:151)
at com.mysql.cj.exceptions.ExceptionFactory.createCommunicationsException(ExceptionFactory.java:167)
at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:351)
at com.mysql.cj.protocol.a.NativeAuthenticationProvider.negotiateSSLConnection(NativeAuthenticationProvider.java:796)
at com.mysql.cj.protocol.a.NativeAuthenticationProvider.proceedHandshakeWithPluggableAuthentication(NativeAuthenticationProvider.java:503)
at com.mysql.cj.protocol.a.NativeAuthenticationProvider.connect(NativeAuthenticationProvider.java:220)
at com.mysql.cj.protocol.a.NativeProtocol.connect(NativeProtocol.java:1443)
at com.mysql.cj.NativeSession.connect(NativeSession.java:165)
at com.mysql.cj.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:952)
at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:822)
... 14 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at com.mysql.cj.protocol.ExportControlled.performTlsHandshake(ExportControlled.java:315)
at com.mysql.cj.protocol.StandardSocketFactory.performTlsHandshake(StandardSocketFactory.java:206)
at com.mysql.cj.protocol.a.NativeSocketConnection.performTlsHandshake(NativeSocketConnection.java:99)
at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:347)
... 21 common frames omitted
Простой
Простой
