liberty中通过云的postgres连接的SSL握手失败
我被这个问题困扰的时间比我想承认的要长。我正在尝试使用postgres db连接到我的小型spring mvc项目,而不是liberty。我的server.xml如下所示。
<server description="new server">
<!-- Enable features -->
<featureManager>
<feature>jdbc-4.2</feature>
<feature>jsp-2.3</feature>
<feature>localConnector-1.0</feature>
<feature>servlet-4.0</feature>
<feature>ldapRegistry-3.0</feature>
<feature>appSecurity-3.0</feature>
<feature>transportSecurity-1.0</feature>
</featureManager>
<ssl id="defaultSSLSettings" keyStoreRef="defaultKeyStore" trustDefaultCerts="true" />
<keyStore id="defaultKeyStore"
location="/opt/ibm/wlp/usr/servers/defaultServer/resources/security/key.jks"
password="changeIt"/>
<dataSource id="DefaultDataSource" jndiName="jdbc/postgres"
transactional='true' type='javax.sql.ConnectionPoolDataSource'>
<jdbcDriver libraryRef="PostgresLib" />
<properties databaseName="clouddb"
password=""
serverName="ea957de9-2271-4d6c-999e-f2c250575850.budepemd0im5pmu4u60g.databases..cloud"
user="admin" portNumber="30352" />
</dataSource>
<library id="PostgresLib">
<fileset
dir="C:/Users/AkanchaSingh/Desktop/iit-test-app/test-app"
includes="postgresql-42.2.5.jre6.jar" />
</library>
<httpEndpoint host="*" httpPort="9080" httpsPort="9443"
id="defaultHttpEndpoint">
<tcpOptions soReuseAddr="true" />
<httpOptions maxKeepAliveRequests="-1" />
</httpEndpoint>
<applicationManager autoExpand="true"
startTimeout="600" stopTimeout="600"></applicationManager>
<applicationMonitor updateTrigger="mbean" />
<webApplication autoStart="true" contextRoot="test"
id="test" location="/opt/ibm/wlp/usr/servers/defaultServer/test.war"
name="test">
</webApplication>
</server>我已经尝试通过所有方法连接到postgres,例如: datasource和连接管理器
Properties info = new Properties();
String url = "jdbc:postgresql://ea957de9-2271-4d6c-999e-f2c250575850.budepemd0im5pmu4u60g.databases.appdomain.cloud:30352/clouddb";
info.setProperty("user", "");
info.setProperty("password", "");
info.setProperty("ssl", "true");
info.setProperty("sslfactory", "org.postgresql.ssl.SingleCertValidatingFactory");
info.setProperty("sslfactoryarg", loadFile("/opt/ibm/wlp/usr/servers/defaultServer/resources/security/PGSSLROOTCERT.crt"));即使在从postgres db连接页面提供了root.crt之后,我仍然得到
err error: SSL错误:收到致命警报:在org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:42) err在org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:435) err在org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:94) err在org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192) err在org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)在handshake_failure err在org.postgresql.jdbc.PgConnection.(PgConnection.java:195)出现错误
我还尝试在我的密钥库和信任库中传递证书。在这种情况下似乎什么都不起作用..我可以通过IDE和psql在本地成功连接到postgres db,但一旦我将其停靠并运行,它就会抛出此异常。
DockerFile:
FROM websphere-liberty:19.0.0.12-full-java8-ibmjava
ENTRYPOINT ["/opt/ibm/wlp/bin/server","run","defaultServer"]
USER root
EXPOSE 9080
COPY --chown=1001:0 server.xml /opt/ibm/wlp/usr/servers/defaultServer/
RUN mkdir -p /root/.postgresql
COPY --chown=1001:0 root.crt /root/.postgresql/
COPY --chown=1001:0 key.jks /opt/ibm/wlp/usr/servers/defaultServer/resources/security/
RUN chmod -R 777 /opt/ibm/wlp/usr/servers/defaultServer/resources/security
COPY --chown=1001:0 target/test.war /opt/ibm/wlp/usr/servers/defaultServer/
RUN installUtility install --acceptLicense defaultServer
RUN chmod -R 777 /opt/ibm/wlp/output/defaultServer/workarea
RUN chmod a+rwx /opt/ibm/wlp/output/defaultServer回答 1
Stack Overflow用户
发布于 2021-05-18 21:24:20
OpenLiberty有一个在码头容器中与PostgreSQL一起运行的自动化测试桶,其中两个Liberty服务器成功地使用了SSL。以下是其中之一:
尝试使用<dataSource>下的<properties.postgresql>元素,而不是通用的<properties>。前者具有ssl的附加属性,如测试用例的server.xml所示。
https://stackoverflow.com/questions/67586752
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号