My project setup uses mssql, tomcat9.0.59,java 1.8_322 and MSSql driver is mssql-jdbc-10.2.0.jre8.jar.
TLS 1.2 is enabled database server, after patching. Question is, How to configure jdbc connection properties to use TLSv1.2 protocol?
Tried using below configuration, but it is not working.
<Resource name="jdbc/connectionpool" auth="Container" type="javax.sql.DataSource"
username="username" password="password"
url="jdbc:sqlserver://IP:1433;databaseName=testDb;encrypt=true;trustServerCertificate=true;"
driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver"
initialSize="5" maxWaitMillis="5000" maxTotal="600" maxIdle="50"
validationQuery="select 1;" poolPreparedStatements="true"/>
below error is throwing while starting the tomcat.
13-May-2022 11:25:25.013 WARNING [main] org.apache.naming.NamingContext.lookup Unexpected exception resolving reference
java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)". ClientConnectionId:e3c2518c-0eb4-4c1d-b223-7f2a1da3bd7a)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:653)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:532)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getLogWriter(BasicDataSource.java:1057)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory.createDataSource(BasicDataSourceFactory.java:308)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory.getObjectInstance(BasicDataSourceFactory.java:399)
at org.apache.naming.factory.FactoryBase.getObjectInstance(FactoryBase.java:96)
at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:332)
at org.apache.naming.NamingContext.lookup(NamingContext.java:864)
at org.apache.naming.NamingContext.lookup(NamingContext.java:158)
at org.apache.naming.NamingContext.lookup(NamingContext.java:850)
at org.apache.naming.NamingContext.lookup(NamingContext.java:172)
Related
I am running Nifi on windows machine and would like to establish a connection to the MS SQL Server on the same machine.
I downloaded the JDBC driver from Microsoft and put mssql-jdbc-11.2.1.jre11.jar to the lib folder of Nifi. Below is the properties for Controller Service Detail in Nifi to connect to the Sql server.
Database Connection URL: jdbc:sqlserver://127.0.0.1;databaseName=test_database;encrypt=true;user=nifireader;password=***;
Database Driver Class Name: com.microsoft.sqlserver.jdbc.SQLServerDriver
I also created a user inside Sql Server and gave it a read access to use it for Nifi. But I get the SSL error and could not solve it so far. Is there any other steps that I need to take to establish a connection?
2022-12-09 17:47:05,052 ERROR [Timer-Driven Process Thread-6] o.a.nifi.processors.standard.ExecuteSQL ExecuteSQL[id=f76ca380-0184-1000-3a89-b878a90723ed] Unable to execute SQL select query SELECT * FROM tbl_tags due to org.apache.nifi.processor.exception.ProcessException: java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:7fcd7f53-9532-44da-96ce-56eac78049f6). No FlowFile to route to failure
org.apache.nifi.processor.exception.ProcessException: java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:7fcd7f53-9532-44da-96ce-56eac78049f6)
at org.apache.nifi.dbcp.AbstractDBCPConnectionPool.getConnection(AbstractDBCPConnectionPool.java:573)
at org.apache.nifi.dbcp.AbstractDBCPConnectionPool.getConnection(AbstractDBCPConnectionPool.java:550)
at org.apache.nifi.dbcp.DBCPService.getConnection(DBCPService.java:55)
at jdk.internal.reflect.GeneratedMethodAccessor111.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.apache.nifi.controller.service.StandardControllerServiceInvocationHandler.invoke(StandardControllerServiceInvocationHandler.java:254)
at org.apache.nifi.controller.service.StandardControllerServiceInvocationHandler.invoke(StandardControllerServiceInvocationHandler.java:105)
at com.sun.proxy.$Proxy85.getConnection(Unknown Source)
at org.apache.nifi.processors.standard.AbstractExecuteSQL.onTrigger(AbstractExecuteSQL.java:255)
at org.apache.nifi.processor.AbstractProcessor.onTrigger(AbstractProcessor.java:27)
at org.apache.nifi.controller.StandardProcessorNode.onTrigger(StandardProcessorNode.java:1356)
at org.apache.nifi.controller.tasks.ConnectableTask.invoke(ConnectableTask.java:246)
at org.apache.nifi.controller.scheduling.TimerDrivenSchedulingAgent$1.run(TimerDrivenSchedulingAgent.java:102)
at org.apache.nifi.engine.FlowEngine$2.run(FlowEngine.java:110)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:7fcd7f53-9532-44da-96ce-56eac78049f6)
at org.apache.commons.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:653)
at org.apache.commons.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:531)
at org.apache.commons.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:731)
at org.apache.nifi.dbcp.AbstractDBCPConnectionPool.getConnection(AbstractDBCPConnectionPool.java:560)
... 20 common frames omitted
Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:7fcd7f53-9532-44da-96ce-56eac78049f6
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:3806)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1906)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:3329)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:2950)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:2790)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:1663)
at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1064)
at org.apache.commons.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:52)
at org.apache.commons.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:374)
at org.apache.commons.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:106)
at org.apache.commons.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:649)
... 23 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:478)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:456)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1382)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1295)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:416)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:388)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1795)
... 32 common frames omitted
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:233)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:110)
at com.microsoft.sqlserver.jdbc.HostNameOverrideX509TrustManager.checkServerTrusted(SQLServerTrustManager.java:86)
at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1510)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638)
... 44 common frames omitted
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
... 52 common frames omitted
I wanted to deploy Keycloak (v 15.0.2) on the domain mode using MariaDB as an external DB.
Imagine my DB is on 10.0.0.1. I deploy my master on 10.0.0.1 as well by modifying the "KeycloakDS" datasource and the drivers in domain.xml.
I also wanted to deploy a slave on 10.0.0.2 by modifying the domain.xml and the host-slave.xml as the documentation of the Keycloak mentioned (link). I made the below changes on "KeycloakDS" in domain.xml:
<datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS">
<connection-url>jdbc:mariadb://10.0.0.1:3306/keycloak</connection-url>
<driver>mariadb</driver>
<security>
<user-name>myuser</user-name>
<password>mypassword</password>
</security>
</datasource>
Note telnet on 3306 from 10.0.0.2 to 10.0.0.1 is Ok.
After the above changes, I wanted to deploy the slave on 10.0.0.2 but keep facing the error below:
Caused by: java.sql.SQLNonTransientConnectionException:
Socket fail to connect to host:address=(host=localhost)(port=3306)(type=primary). Connection refused: connect
Also note that the sceneio works properly for the standalone-ha mode by making the same changes in standalone-ha.xml.
I followed this link: Installing and Configuring Keycloak - Domain Clustered Deployment
Does anyone have any suggestion that how can I solve this problem?
Try changing the datasource on both
<subsystem xmlns="urn:jboss:domain:datasources:6.0"> in /domain.xml file.
when I was reviewing the file i found there two occurrences of that subsystem.
I have a problem with connecting my database online.
My site is hosted on one server, and connects to a remote database that is on another server.
But it sends me the following error:
SQLSTATE [HY000] [2002] Connection refused Error
I did, however, put the exact connection information .. I do not understand why the connection is refused ..
parameters.yml:
parameters:
database_host: **.**.**.**
database_port: 3306
database_name: zip
database_driver: pdo_mysql
database_user: root
database_password: null
mailer_transport: smtp
mailer_host:
mailer_user:
mailer_password:
secret: d87fdb6ecf4089df33360b187388e33c34e12f85
I thank you in advance
Make sure the user/password are the right ones. You can use the mysql command line cli to try to connect.
Any specific reason why abruptly connection to MSSQL server is lost. I am running web application on the same machine so network connectivity issues are out of question. My application uses Jackrabbit configured to store content with MSSQL. Application is running on Wildfly v9 with JAVA_HOME set to jdk1.8 and I have verified that wildfly is picking it up as well. Also, sqljdbc4-3.0.jar is available to wildfly modules with proper driver configuration in standalone. I am baffled as to why jdk7 adapter would be called to manage connection. However, interesting observation is that this does not occur with Wildfly 10.
standalone.xml
<driver name="sqlserver" module="com.microsoft.sqlserver">
<driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class>
<xa-datasource-class>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</xa-datasource-class>
</driver>
exception:
ERROR 21-07 16:41:13,636 (DbUtility.java:logException:92) failed to close ResultSet
ERROR 21-07 16:41:13,637 (DbUtility.java:logException:94) Reason: IJ031040: Connection is not associated with a managed connection: org.jboss.jca.adapters.jdbc.jdk7.WrappedConnectionJDK7#386eff84
ERROR 21-07 16:41:13,639 (DbUtility.java:logException:95) State/Code: null/0
details : Mule 3.8, CassendraDB downloaded from mulesoft exchange, Cassandra version 3.x, port no : 9042.
The Following error occurs when I test connection in cassandra connector configuration.
Error : org.mule.api.ConnectionException: Read a negative frame size (-2147483648)! at com.mulesoft.mule.cassandradb.CassandraDBConnector.connect(CassandraDBConnector.java:101) at com.mulesoft.mule.cassandradb.connectivity.CassandraDBConnectorConnectionFactory.makeObject(CassandraDBConnectorConnectionFactory.java:52) at org.apache.commons.pool.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:1220) at com.mulesoft.mule.cassandradb.connectivity.CassandraDBConnectorConnectionManager.acquireConnection(CassandraDBConnectorConnectionManager.java:269) at com.mulesoft.mule.cassandradb.connectivity.CassandraDBConnectorConnectionManager.test(CassandraDBConnectorConnectionManager.java:351) at org.mule.tooling.metadata.api.utils.ConnectionTester.internalTestConnection(ConnectionTester.java:88) at org.mule.tooling.metadata.api.utils.ConnectionTester.testConnectionFor(ConnectionTester.java:113) at org.mule.tooling.messageflow.action.TestConnectorConnectionFromMuleConfigAction$1$1$1$1.call(TestConnectorConnectionFromMuleConfigAction.java:68) at org.mule.tooling.messageflow.action.TestConnectorConnectionFromMuleConfigAction$1$1$1$1.call(TestConnectorConnectionFromMuleConfigAction.java:1) at org.mule.tooling.utils.SilentRunner.run(SilentRunner.java:25) at org.mule.tooling.core.StudioDesignContextRunner.runSilentWithMuleProject(StudioDesignContextRunner.java:17) at org.mule.tooling.core.StudioDesignContextRunner.runSilentWithMuleProject(StudioDesignContextRunner.java:37) at org.mule.tooling.messageflow.action.TestConnectorConnectionFromMuleConfigAction$1$1$1.run(TestConnectorConnectionFromMuleConfigAction.java:65) at java.lang.Thread.run(Unknown Source) Caused by: org.mule.api.ConnectionException: Read a negative frame size (-2147483648)! at com.mulesoft.mule.cassandradb.CassandraDBUtils.getClient(CassandraDBUtils.java:90) at com.mulesoft.mule.cassandradb.CassandraDBConnector.connect(CassandraDBConnector.java:94) ... 13 more
How can I resolve this error ?
There are a number of potential config changes that you can try.
Check the following in the cassandra.yaml
authenticator: org.apache.cassandra.auth.PasswordAuthenticator
rpc_address: 0.0.0.0
... and consequently ...
broadcast_rpc_address: NOT 0.0.0.0 eg 1.2.3.4
start_rpc: to true
This is because the MuleSoft cassandraDB connector uses apache thrift and not a native connection. You will also need to set the host and Port in the connection settings in studio to be 0.0.0.0 and 9160 respectively. Trst with a blank username/password pair and it should show a correct connection.