Re: Query related to postgresql jdbc 42.2.5
От | Dave Cramer |
---|---|
Тема | Re: Query related to postgresql jdbc 42.2.5 |
Дата | |
Msg-id | CADK3HH+arYdAp8-_Ce6eDBGG6Bem7b3tfmjOUO+5uxpd+O=_-w@mail.gmail.com обсуждение исходный текст |
Ответ на | Query related to postgresql jdbc 42.2.5 (pradeep puppala <pradeep09puppala@gmail.com>) |
Список | pgsql-jdbc |
No, this was done on purpose. Is there some reason why you cannot add sslmode=verify-ca ?
On Wed, 24 Oct 2018 at 11:25, pradeep puppala <pradeep09puppala@gmail.com> wrote:
Hi DaveI am using 42.2.5 postgresql JDBC version. Can we disable hostname verification feature introduced in this version(42.2.5)Best RegardsPradeepOn Fri 19 Oct, 2018, 3:55 PM pradeep puppala, <pradeep09puppala@gmail.com> wrote:Hi Dave Cramer,It have added sslfactory=org.postgtesql.ssl.DefaultJavaSSLFactory in my db connection url and it worked for me.Thanks a lot Dave 😁Best RegardsPradeepOn Fri 19 Oct, 2018, 3:19 PM Dave Cramer, <pg@fastcrypt.com> wrote:Hello,with just ssl=true the default is to use LibPQFactory which does not use the trust store at all.In order to use the trust store you must set sslfactory to a valid SSLFactory as per https://jdbc.postgresql.org/documentation/head/ssl-factory.htmlThere is a simpleorg.postgresql.ssl.DefaultJavaSSLFactory
provided which uses the default java SSLFactory.On Fri, 19 Oct 2018 at 03:01, pradeep puppala <pradeep09puppala@gmail.com> wrote:Hi Dave Cramer,Thank you for the suggestion. I have seen the links you shared and made some changes in my certificates and in my connection url.Now I am getting error as below.main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
org.postgresql.util.PSQLException: SSL error: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchorsBelow are my db connection detailsSystem.setProperty("javax.net.ssl.trustStore","/usr/java/jre1.7.0_25/lib/security/cacerts");
System.setProperty("javax.net.ssl.trustStorePassword","changeit");
System.setProperty("javax.net.ssl.keyStore","/home/.postgresql/client.keystore");
System.setProperty("javax.net.ssl.keyStorePassword","changeit");
System.setProperty("javax.net.debug", "all");
Properties props = new Properties();
props.setProperty("user", "user1");
props.setProperty("password", "default");
Class.forName("org.postgresql.Driver");
//SSLContext.setDefault();
String url = "jdbc:postgresql://localhost:5432/dbname?ssl=true";
Connection c = DriverManager.getConnection(url, props);I am using 42.2.5 jdbc postgresql jar for ssl db connection.Can you help me with this error.Best Regards,PradeepOn Wed, Oct 17, 2018 at 3:45 AM Dave Cramer <pg@fastcrypt.com> wrote:or the release notesin 45.2.5 we changed the semantics you can add sslmode=prefer to not verify the cert.On Mon, 15 Oct 2018 at 22:38, rob stone <floriparob@gmail.com> wrote:Hello,
On Mon, 2018-10-15 at 18:29 +0530, pradeep puppala wrote:
> Hi
>
> I am trying to connect to postgresql database with jdbc postgresql
> 42.2.5 with "ssl=true" but I am getting error as below.
>
> SSL error: sun.security.validator.ValidatorException: PKIX path
> building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target.
>
> I am using self signed certificates and jre version is 1.7.0.151. I
> am struck here please help. Thanks in advance.
>
> Best regards
> Pradeep
This post may provide some clues.
https://stackoverflow.com/questions/18378869/pkix-path-building-failed-in-java-application#24705398
OR
https://stackoverflow.com/questions/18378869/pkix-path-building-failed-in-java-application#24705398
HTH,
Rob
В списке pgsql-jdbc по дате отправления:
Следующее
От: Vladimir SitnikovДата:
Сообщение: [pgjdbc/pgjdbc] e2623d: perf: fix 1ms per async CopyAPI (regressionsince ...