Reputation: 1946
How can I configure Hibernate to use SSL to talk to the DB server?
I have an existing java webapp that uses Hibernate for it's persistence. I've been told that I have to have to talk to the DB encrypted - so my first thought is to set it up to do the communication via SSL - and went through figured out how to set up Oracle to listen for JDBC over SSL -
http://www.oracle.com/technology/tech/java/sqlj_jdbc/pdf/wp-oracle-jdbc_thin_ssl_2007.pdf
And wrote a quick test class to verify that it was setup and working (connecting via standard JDBC). That left me with the issue of configuring Hibernate - unfortunately I don't see how hibernate supports it?
Upvotes: 11
Views: 28245
Answers (5)
Reputation: 1157
I had the jdbcURL
jdbc:postgresql://jdbcurl?sslmode=require&sslrootcert=location_to_cert1&sslcert=location_to_cert2&sslkey=location_to_cert3.
All I had to do was to replace all the & with &.
My new jdbcURL looks like
jdbc:postgresql://jdbcurl?sslmode=require&sslrootcert=location_to_cert1&sslcert=location_to_cert2&sslkey=location_to_cert3
Upvotes: 0
Reputation: 48
Please add following property in Hibernate configuration file to enable SSL :
<property name="hibernate.connection.verifyServerCertificate">false</property>
<property name="hibernate.connection.useSSL">true</property>
Upvotes: 2
Reputation: 993
Try this:
<property name="hibernate.dialect">org.hibernate.dialect.MySQLInnoDBDialect</property>
<property name="hibernate.connection.driver_class">com.mysql.jdbc.Driver</property>
<property name="hibernate.connection.url">jdbc:mysql://blablaba:8443/dbname?useSSL=true</property>
<property name="hibernate.connection.verifyServerCertificate">false</property>
<property name="hibernate.connection.requireSSL">true</property>
<property name="hibernate.connection.autoReconnect">true</property>
<property name="hibernate.connection.username">bablablab</property>
<property name="hibernate.connection.password">clclclclc</property>
related links
http://www.razorsql.com/articles/mysql_ssl_jdbc.html
http://dev.mysql.com/doc/refman/5.0/en/connector-j-reference-using-ssl.html
http://www.javabeat.net/qna/164-hibernate-jdbc-and-connection-properties/
Upvotes: 4
Reputation: 11292
Hibernate works with standard JDBC data sources, so there is no need for Hibernate-specific configuration.
Here's an quick example that should work when configuring Hibernate with Spring:
<bean id="dataSource" class="oracle.jdbc.pool.OracleDataSource">
<property name="URL"><value><!-- JDBC URL that specifies SSL connection --></value></property>
<!-- other relevant properties, like user and password -->
<property name="connectionProperties>
<value>
oracle.net.ssl_cipher_suites: (ssl_rsa_export_with_rc4_40_md5, ssl_rsa_export_with_des40_cbc_sha)
oracle.net.ssl_client_authentication: false
oracle.net.ssl_version: 3.0
oracle.net.encryption_client: REJECTED
oracle.net.crypto_checksum_client: REJECTED
</value>
</property>
</bean>
<bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<!-- classes etc -->
</bean>
Upvotes: 5
Reputation: 573
Should be handled by the driver but you may have to do some configuration. Oracle Docs
Upvotes: 1
Related Questions
- hibernate configuration: I have already set useSSL=false, but still got the warning
- How to establish SSL connection with DB (SQL Server, PG), in a driver agnostic way?
- How to use SSL encryption when connecting Vaadin App with Hibernate to MariaDB on Azure
- SSl Handshake validation error in connection to SQL Server by JDBC driver
- CertPathValidatorException Java trying to connect to server database using SSL
- Unable to add SSL support for database
- Connect MariaDB through Spring and Hibernate using SSL (Self-Signed) certificates
- Configure SSL certificates with Hibernate, Spring and JDBC
- Specifying certificates with Hibernate
- Enabling SSL with MySQL RDS in Hibernate