Reputation: 334
CertPathValidatorException Java trying to connect to server database using SSL
I have a Java application (with hibernate) that I'm trying to use in a project with Google Cloud SQL + Compute Engine, without success.
Google Cloud SQL requires me to connect to the database through SSL, using server-ca.pem, client-cert.pem and client-key.pem.
Before that, I connected to my database using properties:
hibernate.connection.driver_class=com.mysql.cj.jdbc.Driver
hibernate.connection.url=jdbc:mysql://localhost/dbname?autoReconnect=true&useSSL=false
hibernate.connection.username=root
hibernate.connection.password=pass
hibernate.dialect=org.hibernate.dialect.MySQLDialect
How I can change this to work with SSL?
Thank you!
[EDIT]
Tried Pooja Aggarwal answer but didn't work.
Using -Djavax.net.debug=all I'm getting the exception:
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
[EDIT 2]
Commands that i run for generating certs:
openssl pkcs12 -export -in client-cert.pem -inkey client-key.pem \
-name "mysqldb" -passout pass:MYPASS -out client-keystore.p12
keytool -importkeystore -srckeystore client-keystore.p12 -srcstoretype pkcs12 \
-srcstorepass MYPASS -destkeystore keystore -deststoretype JKS -deststorepass MYPASS
And then executed:
java -Djavax.net.ssl.keyStore=/home/user/cert/keystore -Djavax.net.ssl.keyStorePassword=MYPASS -jar MyApp.jar
PS: I can connect using:
mysql -uroot -p -h 192.00.00.00 \
--ssl-ca=server-ca.pem --ssl-cert=client-cert.pem \
--ssl-key=client-key.pem
Upvotes: 0
Views: 442
Answers (1)
Reputation: 1213
Follow the steps mentioned in this link. https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html
You need to mark useSSL as true and import certificates in your JDK whose steps are mentioned in above link. Then you need to set system properties.
System.setProperty("javax.net.ssl.keyStore","path_to_keystore_file");
System.setProperty("javax.net.ssl.keyStorePassword","mypassword");
Import Certificate using steps mentioned in this link : How to import a .cer certificate into a java keystore?
Upvotes: 2
Related Questions
- MySQL JDBC over SSL problem
- SSl Handshake validation error in connection to SQL Server by JDBC driver
- How to connect to SQL DB from Java JDBC with mutual TLS/SSL encryption
- Connection to Google Cloud PostgreSQL via JDBC with SSL
- Unable to connect to MySQL database with SunCertPathBuilderException
- Can't Connect to MySQL via SSL (Unable to find valid certification path to requested target)
- jdbc ssl conection failed
- Java use SSL for database connection
- SSL connection to MySQL server with Java
- ssl jdbc connection keystore not found