B4J Question JDBC MySql ssl

Fabrice La

Active Member
Licensed User
Longtime User
Hi I am trying to connection my Database using ssl.

On windows I do:
mysql -uUuss -pPaass -P3306 --ssl --ssl-ca="C:\OpenSSL-Win64\newcerts\ca-cert.pem"

And it's work

How to do the same on the JDBC:
StringSql = jdbc:mysql://localhost:3306/ndf?characterEncoding=utf8&useSSL=true&serverSslCert="C:\OpenSSL-Win64\newcerts\ca-cert.pem"

MySql.Initialize2("com.mysql.jdbc.Driver", StringSql,BaseConnect.LoginB,BaseConnect.MDP)
 

Fabrice La

Active Member
Licensed User
Longtime User
Yeb Tried that:
B4X:
jdbc:mysql://localhost:3306/ndf?characterEncoding=utf8&useSSL=true&serverSslCert=C:/OpenSSL-Win64/newcerts/ca-cert.pem
With the error:
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
 
Upvote 0

Fabrice La

Active Member
Licensed User
Longtime User
I found that:
http://stackoverflow.com/questions/16523595/specify-ssl-to-be-used-for-jdbc-in-context-xml
or in:
Finally, to get JSSE to use the keystore and truststore that you have generated, you need to set the following system properties when you start your JVM, replacing path_to_keystore_file with the full path to the keystore file you created, path_to_truststore_file with the path to the truststore file you created, and using the appropriate password values for each property. You can do this either on the command line:

-Djavax.net.ssl.keyStore=path_to_keystore_file
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=path_to_truststore_file
-Djavax.net.ssl.trustStorePassword=password

Or you can set the values directly within the application:

System.setProperty("javax.net.ssl.keyStore","path_to_keystore_file");
System.setProperty("javax.net.ssl.keyStorePassword","password");
System.setProperty("javax.net.ssl.trustStore","path_to_truststore_file");
System.setProperty("javax.net.ssl.trustStorePassword","password");

You will also need to set useSSL to true in your connection parameters for MySQL Connector/J, either by addinguseSSL=true to your URL
I am on the test machine and this application will be install on a network server where it will be possible to access through internet.
 
Upvote 0
Top