Reputation: 187
Unsupported protocol with JDBC connection
I have been tasked with verifying weblogic can connect to a oracle database setup with TLS 1.2. When starting weblogic using the jdbc connection information that works with sqlnet I am getting the following error.
<Jul 6, 2016 11:21:06 AM EDT> <Error> <Deployer> <BEA-149205> <Failed to initialize the application "apptxDataSource" due to error weblogic.application.ModuleException: java.lang.IllegalArgumentException: Unsupported protocol SSLv2Hello
weblogic.application.ModuleException: java.lang.IllegalArgumentException: Unsupported protocol SSLv2Hello
at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:350)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:100)
at weblogic.application.internal.flow.ModuleStateDriver$1.next(ModuleStateDriver.java:175)
at weblogic.application.internal.flow.ModuleStateDriver$1.next(ModuleStateDriver.java:170)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:42)
Truncated. see log file for complete stacktrace
Caused By: java.lang.IllegalArgumentException: Unsupported protocol SSLv2Hello
at com.rsa.sslj.x.aD.a(Unknown Source)
at com.rsa.sslj.x.aH.b(Unknown Source)
at com.rsa.sslj.x.aS.setEnabledProtocols(Unknown Source)
at oracle.net.nt.TcpsConfigure.configureVersion(TcpsConfigure.java:175)
at oracle.net.nt.TcpsNTAdapter.setSSLSocketOptions(TcpsNTAdapter.java:253)
Truncated. see log file for complete stacktrace
I don't have direct access to the database configuration but i can get any information needed. Guess I should also say I have little experience with SSL configurations. Any guidance would be appreciated.
Upvotes: 0
Views: 2747
Answers (1)
Reputation: 3763
To configure the connection to the Oracle Database to use TLSv1.2 (assuming your Oracle Database server is already configured to accept TLSv1.2 connections) you first need to use the 12.1.0.2 JDBC thin driver with a patch which can be downloaded from here: Oracle JDBC driver download page
Then set the following system properties -Doracle.net.ssl_version='1.2' -Doracle.net.ssl_cipher_suites='(TLS_RSA_WITH_AES_256_CBC_SHA256)'. You can add more cipher suites of course.
Also be sure to install the JCE Unlimited Strength Jurisdiction Policy Files.
For simplicity I would recommend using JKS files for the trust store and the key store. Avoid using wallets that are difficult to use (you would need oraclepki.jar in your classpath).
One final tip. If you run into issues you can turn on debugging with -Djavax.net.debug=all which provides a lot of useful information.
Upvotes: 1
Related Questions
- SQLException: Protocol violation. Oracle JDBC Driver issue
- Java 1.8.0 enable TLS1.2 in JDBC connection
- Cannot make TLS connection with Java, we're getting a strange Error
- JDBC Connection to Oracle database using TLS Certificate
- weblogic.net.http.SOAPHttpsURLConnection cannot be cast to javax.net.ssl.HttpsURLConnection
- Using TLSv1.2 with Microsoft JDBC driver and Oracle JRE 7
- Java JDBC unable to connect to a Oracle database with SSL
- TLSv1 connection failed with handshake failure
- Connection closed, EOF detected
- Exception in SSL Handshaking