Re: JDBC + SSL = "No trusted certificate found" (RESOLVED)
From: Luke McCarthy (luke.mccarthy_at_shaw.ca)
Date: 06/29/04
- Previous message: ciao ciao: "how to access a db table that changes structure"
- In reply to: Luke McCarthy: "JDBC + SSL = "No trusted certificate found""
- Next in thread: Mark Matthews: "Re: JDBC + SSL = "No trusted certificate found" (RESOLVED)"
- Reply: Mark Matthews: "Re: JDBC + SSL = "No trusted certificate found" (RESOLVED)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 29 Jun 2004 21:43:45 GMT
On Thu, 24 Jun 2004 11:31:20 -0600, Luke McCarthy wrote:
> ...
> adding as trusted cert:
> Subject: CN=lewzealand, OU=bioinfo, O=Uni, L=Sask, ST=Sask, C=CA
> ...
Convinced that there was no problem on the Java side, I set up my own
SSL-enabled mysql server at home where I could manipulate the
configuration to try and further explore this problem. As soon as I
did, the problem went away. After some experimentation, it appears the
problem was this:
The common name in the SQL certificate must be a fully-qualified
domain name, or Java doesn't recognize the match. It's not good enough
if a simple name (e.g.: myserver) is used in both the certificate and the
JDBC connection statement, even if that name resolves. As soon as an
equivalent fully-qualified domain name (e.g.: myserver.example.com) is
used in the certificate and the connection statement, everything just
works.
The reason I'm following up here is that this appears to be somewhat
Java-specific, as mysql itself doesn't care whether a host name is
fully-qualified or not.
Cheers,
Luke
- Previous message: ciao ciao: "how to access a db table that changes structure"
- In reply to: Luke McCarthy: "JDBC + SSL = "No trusted certificate found""
- Next in thread: Mark Matthews: "Re: JDBC + SSL = "No trusted certificate found" (RESOLVED)"
- Reply: Mark Matthews: "Re: JDBC + SSL = "No trusted certificate found" (RESOLVED)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
