1
我已經創建了自己的證書和配置postgresql.conf文件:如何通過SSL連接PostgreSQL數據庫?
...
#authentication_timeout = 1min # 1s-600s
ssl = true # (change requires restart)
ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
# (change requires restart)
#ssl_prefer_server_ciphers = on # (change requires restart)
#ssl_ecdh_curve = 'prime256v1' # (change requires restart)
ssl_cert_file = '/etc/ssl/certs/company/database/certificate' # (change requires restart)
ssl_key_file = '/etc/ssl/certs/company/database/key' # (change requires restart)
ssl_ca_file = '/usr/share/ca-certificates/company/ca/certificate' # (change requires restart)
#ssl_crl_file = '' # (change requires restart)
#password_encryption = on
#db_user_namespace = off
#row_security = on
...
然後,我讓我的服務器與我的數據庫連接,pg_hba.conf:
...
hostssl postgres postgres XXX.XXX.XXX.XXX/0 md5
...
所以,我可以通過psql連接到它命令行:
psql (9.5.3)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.
postgres=#
但是,當我嘗試通過我的jav打開與數據庫的連接一個應用程序,甚至當我提供信任與我的數據庫證書包括,我不斷收到與它沒有關係:
mvn package -Djavax.net.ssl.trustStore=/opt/app/truststore -Djavax.net.ssl.trustStorePassword=changeit
例外:
2016-05-23 16:28:32,900 WARN [com.mchange.v2.resourcepool.BasicResourcePool] - <Having failed to acquire a resource, [email protected] is interrupting all Threads waiting on a resource to check out. Will try again in response to new client requests.>
2016-05-23 16:28:32,900 WARN [com.mchange.v2.resourcepool.BasicResourcePool] - <com[email protected]2be057bf -- Acquisition Attempt Failed!!! Clearing pending acquires. While trying to acquire a needed new resource, we failed to succeed more than the maximum number of allowed acquisition attempts (30). Last acquisition attempt exception: >
java.lang.NullPointerException
at org.postgresql.Driver.parseURL(Driver.java:532)
at org.postgresql.Driver.acceptsURL(Driver.java:431)
at java.sql.DriverManager.getDriver(DriverManager.java:299)
at com.mchange.v2.c3p0.DriverManagerDataSource.driver(DriverManagerDataSource.java:285)
at com.mchange.v2.c3p0.DriverManagerDataSource.getConnection(DriverManagerDataSource.java:161)
at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:161)
at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:147)
at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool$1PooledConnectionResourcePoolManager.acquireResource(C3P0PooledConnectionPool.java:202)
at com.mchange.v2.resourcepool.BasicResourcePool.doAcquire(BasicResourcePool.java:1138)
at com.mchange.v2.resourcepool.BasicResourcePool.doAcquireAndDecrementPendingAcquiresWithinLockOnSuccess(BasicResourcePool.java:1125)
at com.mchange.v2.resourcepool.BasicResourcePool.access$700(BasicResourcePool.java:44)
at com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask.run(BasicResourcePool.java:1870)
at com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread.run(ThreadPoolAsynchronousRunner.java:696)
2016-05-23 16:28:32,901 WARN [com.mchange.v2.resourcepool.BasicResourcePool] - <Having failed to acquire a resource, [email protected] is interrupting all Threads waiting on a resource to check out. Will try again in response to new client requests.>
通過psql似乎一切都工作正常,不與我的申請。 有什麼建議嗎?
編輯:
我props.properties文件:
uatDb.user=postgres
uatDb.password=password
uatDb.driverClass=org.postgresql.Driver
uatDb.jdbcUrl=jdbc:postgresql://<server_name>:1234/uat?ssl=true
uatDb.port=5443
uatDb.name=uat
uatDb.host=<server_name>
發佈您的Java代碼。你是否設置SSL的連接屬性?請參閱https://jdbc.postgresql.org/documentation/head/connect.html –
@AndrewHenle是的,我已經在文件上設置了此連接的屬性。我編輯了我的問題。我通過'maven'調用我的數據庫來構建我的應用程序,以訪問我的數據庫以進行一些測試。 –
假設您的連接工程未啓用SSL,您能否在MAVEN_OPTS中設置'-Djavax.net.debug = all'以獲取Java連接調試數據?見http://stackoverflow.com/questions/2007192/maven-jetty-plugin-how-to-control-vm-arguments(我不是Maven大師......) –