| From: | Andrew M <andrew(at)jibeya(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: SSL confirmation - No trusted certificate found |
| Date: | 2004-12-06 13:07:27 |
| Message-ID: | C78829F2-4787-11D9-88C3-0003938366A4@jibeya.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-jdbc |
Ok,
I have just looked at my postgreSQL terminal window and seen the
following message:
sslv3 alert certificate unknown
Could this mean that the certificate is of the wrong type??
regards
Andrew
On 6 Dec 2004, at 12:50, Andrew M wrote:
> Kriss,
> I have implemented your earlier suggestion:
>
> sslfactory=org.postgresql.ssl.NonValidatingFactory
>
> and no error are generated, so I presume that the connection to the
> database is now ssl'd. So why bother going through the headache of
> creating a certificate if I can do it like mentioned above?
>
> regards
>
> Andrew
> On 6 Dec 2004, at 12:28, Kris Jurka wrote:
>
>>
>>
>> On Mon, 6 Dec 2004, Andrew M wrote:
>>
>>> jdbc:postgresql://localhost:5432/mydatabase?ssl
>>>
>>> When I launch Jboss, which handles the connection to postgresql, I
>>> get
>>> the following error:
>>>
>>> javax.net.ssl.SSLHandshakeException:
>>> sun.security.validator.ValidatorException: No trusted certificate
>>> found
>>>
>>
>> Difficult to say. Perhaps JBoss is deciding to use an alternate
>> truststore? Perhaps it doesn't like your cert setup. I would suggest
>> first running a simple client program to test that it's working first.
>> Also adding -Djavax.net.debug=ssl to the java command will help
>> debugging
>> ssl problems.
>>
>> Further the 8.0 JDBC driver can create SSL connnections without doing
>> authentication by adding using an additional url parameter:
>>
>> sslfactory=org.postgresql.ssl.NonValidatingFactory
>>
>> You should try to get it to authenticate correctly, but this is
>> another
>> useful test point.
>>
>> Kris Jurka
>>
>> ---------------------------(end of
>> broadcast)---------------------------
>> TIP 3: if posting/reading through Usenet, please send an appropriate
>> subscribe-nomail command to majordomo(at)postgresql(dot)org so that
>> your
>> message can get through to the mailing list cleanly
>>
>
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 7: don't forget to increase your free space map settings
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | alex | 2004-12-06 13:17:29 | Re: DBD::PgSPI 0.02 |
| Previous Message | Kris Jurka | 2004-12-06 12:57:31 | Re: SSL confirmation - No trusted certificate found |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kris Jurka | 2004-12-06 13:24:39 | Re: Patch for jdbc escaped functions |
| Previous Message | Bjørn T Johansen | 2004-12-06 13:05:55 | Re: Strange change in my where clause? |