Connecting to SSL PostgreSQL with WebStart Application

Поиск
Список
Период
Сортировка
От Bill Boggins
Тема Connecting to SSL PostgreSQL with WebStart Application
Дата
Msg-id 453886FD.7020405@dineco.com
обсуждение исходный текст
Список pgsql-jdbc
Дерево обсуждения 
I have SSL up and running on my server. As seen here;

Welcome to psql 8.1.2, the PostgreSQL interactive terminal.

Type:  \copyright for distribution terms
      \h for help with SQL commands
      \? for help with psql commands
      \g or terminate with semicolon to execute query
      \q to quit

SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)


I have exported a "server.crt.der" for installing into my java client.

However, at this point I am a little unclear what to do, since I'm not
running my application at the command line? I want to install this into
the standard java runtime that lives on a windows pc, so that it can be
used by a Java WebStart application also installed on the PC.

If I go into the Windows Control Panel and start the Java Control
Application in there, I can go to the security tab and install
certificates from there. Where do I install the cert? I can choose
between; trusted, secure Site, Singer CA...etc??

I have installed the certificate in all the sections it would allow me
to except "Cleint Authentication" as that kept asking for a password
which did not seem to match any I knew.

When installed where possible and running the application, I get the
following error;

Exception in thread "main" org.postgresql.util.PSQLException: An I/O
error has occured while flushing the output - Exception:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
Stack Trace:

javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
       at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
       at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
       at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
       at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
       at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)

       at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)

       at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
       at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
       at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)

       at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)

       at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)

       at
com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
       at
java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
       at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
       at org.postgresql.core.PGStream.flush(PGStream.java:411)
       at
org.postgresql.jdbc1.AbstractJdbc1Connection.openConnectionV3(AbstractJdbc1Connection.java:284)

       at
org.postgresql.jdbc1.AbstractJdbc1Connection.openConnection(AbstractJdbc1Connection.java:213)

       at org.postgresql.Driver.connect(Driver.java:139)
       at java.sql.DriverManager.getConnection(DriverManager.java:525)
       at java.sql.DriverManager.getConnection(DriverManager.java:140)
       at TestDB.main(TestDB.java:33)
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
       at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
       at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
       at sun.security.validator.Validator.validate(Validator.java:203)
       at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)

       at
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)

       at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)

       ... 16 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
       at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)

       at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
       at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
       ... 21 more
End of Stack Trace

       at org.postgresql.core.PGStream.flush(PGStream.java:415)
       at
org.postgresql.jdbc1.AbstractJdbc1Connection.openConnectionV3(AbstractJdbc1Connection.java:284)

       at
org.postgresql.jdbc1.AbstractJdbc1Connection.openConnection(AbstractJdbc1Connection.java:213)

       at org.postgresql.Driver.connect(Driver.java:139)
       at java.sql.DriverManager.getConnection(DriverManager.java:525)
       at java.sql.DriverManager.getConnection(DriverManager.java:140)
       at TestDB.main(TestDB.java:33)



Any help?

В списке pgsql-jdbc по дате отправления:

Предыдущее
От: Dave Cramer
Дата:
Сообщение: JDBC CTS failures
Следующее
От: Adriaan Joubert
Дата:
Сообщение: currval() race condition on server?