I want to add a database (Microsoft SQL) to the website I'm working on, using Cold Fusion Administrator (latest version).
After entering all needed data, I got the issue:
Connection verification failed for data source: dbKantine
java.sql.SQLException: The sqlserver package is not installed. You can install the package through the CLI package manager (C:/Users/MYNAME/.CommandBox/server/C1EA019F5A81794693D0EA837C1622B4-PROJECTNAME/adobe-2021.0.2.328618/WEB-INF/cfusion/bin/cfpm.bat) by running the command : install sqlserver.
I tried to execute the *.bat file mentioned, but nothing happened.
I also tried install sqlserver in the CommandBox, but it says:
Error getting ForgeBox entry [sqlserver]
The entry slug sent is invalid or does not exist
EDIT:
I got it installed using cfpm.sh and wrote there "install sqlserver".
But now it tells me this inside of Cold Fusion Administrator:
Connection verification failed for data source: MYDB
java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]An SSL socket connection could not be established because JRE 1.4 or above is required.
EDIT 2:
I setup everything again with ColdFusion 2018 (as I'm learning CF 2018 currently).
Now I get the issue:
Connection verification failed for data source: MYDB
java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer
JDBC Driver]The SQL Server login requires an SSL connection. The root
cause was that: java.sql.SQLNonTransientConnectionException:
[Macromedia][SQLServer JDBC Driver]The SQL Server login requires an
SSL connection.
What I tried:
I created a *.keystore file and a *.cer file.
I followed this (https://usermanual.wiki/adobe/CF11Configen.762142204/html#pf2f) instruction and tried to add the keystore file to the CF Administrator:
According to Data Source Management for ColdFusion > Enabling SSL Connection what you need is a truststore. The JVM used by ColdFusion already has a default truststore configured, typically jre\lib\security\cacerts, so no need to create one. Though depending on the server certificate, it may need to be imported into the truststore. The "Enable RMI Over SSL For Data Management" setting isn't relevant. It's for Flex Integration, not datasources.
Do the following to enable SSL connection:
In the ColdFusion Administrator, go to Data & Services > Data Sources.
Select the data source to enable SSL Connection.
In the data source page, click Show Advanced Settings.
In the Connection String text box, specify the connection properties as per the SSL requirements.
The relevant SQL Server SSL connection settings are:
EncryptionMethod - Values are noEncryption and SSL
TrustStore - The (full path) of the truststore file
TrustStorePassword - The password to access the truststore file
ValidateServerCertificate - Determines whether the driver validates the certificate sent by the database, true or false.
server
HostNameInCertificate - Host name for certificate validation. (Either a literal string "host_name" or #SERVERNAME#)
Sample connection string to enable SSL and validate the server certificate:
EncryptionMethod=SSL;ValidateServerCertificate=true;HostNameInCertificate=YourServerName;TrustStore=C:\commandbox\openjdk11\jre\lib\security\cacerts;TrustStorePassword=ThePassword
Sample connection string to enable SSL without validating the server certificate:
EncryptionMethod=SSL;ValidateServerCertificate=false;TrustStore=C:\commandbox\openjdk11\jre\lib\security\cacerts;TrustStorePassword=ThePassword
Related
I installed SQL2019 and SQL Server Management Studio.
SQL Server with name "TESTINSTANCE" is running.
When I press "Test Connection" then I get this error:
[08S01] The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:9d6e6b90-bd20-4364-b0e4-bfbdd6bc57c8 unable to find valid certification path to requested target.
It seems like my solution would be tab SSH/SSL -> Use SSL, but I don't know where should I get certificate files. Maybe it's something else, I don't know.
UPDATE:
All my first attempts was without "Use SSL", it doesn't work either.
Jdbc driver is installed by Rider by default.
Server=LEKRET\TESTINSTANCE don't work (Incorrect driver and/or database URL specified).
UPDATE 2:
Well, I finally found where I can enable Trust Server Certificate, in Advanced Options. Not ideal, but everything is on local machine so it should be fine.
Password and login didn't work, but I finally managed to create login with windows auth in SSMS.
After 8 hours it's finally working.
Full error I am getting is:
SQLSTATE[08001]: [Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: [error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:unable to get local issuer certificate] (SQL: SHOW TABLES) (View: /var/www/html/uvk/resources/views/index.blade.php)
I do have an SSL certificate and can connect through HTTPs
Your web server's SSL/TLS certificate has nothing to do with the error message, it's referring to the certificate used by the SQL Server service.
Please refer to ODBC Driver 18.0 for SQL Server Released which mentions:
Changes
BREAKING CHANGE - Default Encrypt to Yes/Mandatory.
ODBC Driver 18 for SQL Server and JDBC Driver 10.2 for SQL Server both default to the Encrypt=yes; connection string option with the goal of improving data security for SQL Server users and developers. Unfortunately, by default, SQL Server instances are installed with self-signed X.509 certificate that are not trusted by any CAs (Certificate Authorities) so most people upgrading to these versions of the drivers are receiving errors similar to yours.
You have three options here:
Export the public key portion of the target SQL Server's certificate to a .crt file and import it into the trusted certificate stores of the users that need to connect to it, or
Add TrustServerCertificate=true; (or TrustServerCertificate=yes;, depending on your programming language) to your connection string, so that the server's certificate is accepted without error and allows secure, encrypted connections, or
Add Encrypt=false; (or Encrypt=no;, depending on your programming language) to your connection string. This is the least desirable option as it prevents the connection from being encrypted, meaning that the traffic between your SQL Server and the client can be intercepted and inspected with ease.
Here is how Database url is given : jdbc:postgresql://Hostname:portnumber/dbname
Kept the following jar file in C:\Program Files\Apache\apache-jmeter-5.0\lib
postgresql-9.1-901-1.jdbc4.jar
I am getting the below error in JMeter when trying to connect AWS postgres db in JMeter.
Cannot create PoolableConnectionFactory (FATAL: no pg_hba.conf entry for host "xxx", user "xxuser", database "xxname", SSL off).
Can it be the case you have SSL enabled in your PostgreSQL cluster? Looking at Requiring an SSL/TLS connection to an Aurora PostgreSQL DB cluster chapter
If you enable set rds.force_ssl and restart your DB cluster, non-SSL connections are refused with the following message:
psql: FATAL: no pg_hba.conf entry for host "host.ip", user "someuser", database "postgres", SSL off
So it might be the case you just need to enable SSL in your JDBC URL like:
jdbc:postgresql://Hostname:portnumber/dbname?ssl=true
Otherwise just add the following entry to your pg_hba.conf file:
hostnossl all all 0.0.0.0/0 trust
and upon Postgres restart you will be able to connect from anywhere by anyone without SSL
Also according to 9 Easy Solutions for a JMeter Load Test “Out of Memory” Failure and JMeter Best Practices you should always be using the latest version of JMeter so consider upgrading to JMeter 5.4.1 (or whatever is the latest stable version available at JMeter Downloads page)
I configured successfully SSL on Microsoft SQL Server 2012 Express Edition for the purpose of encrypting external network connections to the database that are made through Internet. For performance reasons for internal clients on the network I do not want to force the use of SSL and leave to the clients the option of use it or not. I set Force Encryption to No with the following steps:
Sql Server Configuration Manager
Sql Server Network Configuration
Protocols for (MYSQLSERVERNAME)
Right click: Properties
Flags tab.
When I try to establish an encrypted connection with Microsoft Sql Server Management Studio checking Encrypt connection option on Options > Connection Properties I get the following error.
A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) (Microsoft SQL Server, Error: -2146893022)
What is striking is that if I select Force Encryption as Yes on Sql Server Configuration Manager and I not select Encrypt connection on Microsoft Sql Server Management Studio I can connect to the database. If I execute the query:
select * from sys.dm_exec_connections
In fact the column encrypt_option is TRUE.
The certificate was generated with Openssl and this is the information:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Validity
Not Before: Jun 9 15:53:18 2016 GMT
Not After : Jun 9 15:53:18 2018 GMT
Subject: C=US, ST=State, L=Location, O=Testing, OU=Development, CN=JOSEPH-ASUS
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7F:58:DC:F7:D9:90:2A:DF:0E:31:84:5C:49:68:E7:61:97:D8:41
X509v3 Authority Key Identifier:
keyid:C9:5C:79:34:E0:83:B2:C7:26:21:90:17:6A:86:88:84:95:19:88:EA
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Key Encipherment, Data Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Alternative Name:
DNS:alternatename1, DNS:alternatename2, IP Address:192.168.1.100, IP Address:192.191.1.101, IP Address:192.168.1.103
Signature Algorithm: sha256WithRSAEncryption
...
The current OS is Windows 10 Home.
What I'm missing?
I had the same issue and got resolved by adding TrustServerCertificate=True; to the connection string.
I received this error when I was doing something similar. I also created a certificate from OpenSSL and imported it into SQL Server. I also used SQL Server Management Studio to attempt to verify that the client side copy of the certificate was required. When I did this I got the error described above.
The solution was simply that in the window to connect I was not using the CN that is on the certificate:
Instead of 127.0.0.1 (or whatever you have there) put the CN on the certificate and this connection should work.
The certificate generated with OpenSSL work properly. In my case the problem was rights of the account under which runs MSSQL over the certificate, I solved this issue with the follow steps:
Open SQL Server Configuration Manager.
Locate the account which is used to run MSSQL instance (Log On tab on MSSQL instance Properties).
Open MMC Console and add Certificates (Local Machine) snap-in.
Search the certificate store, right click on certificate and select All Tasks -> Manage Private Keys....
Set the Permissions to the same account under which MSSSQL runs.
I got this error when trying to connect via sqlcmd to a server which required windows integrated authentication (option -E) but accidentally used Azure Active Directory Authentication (option -G). Selecting the correct flags fixed it for me. Note that this is the equivalent of including Trusted_Connection=True in the connection string.
It's possible that your Server Certificate is using a *.domain name.
Make sure your SQL server has a certificate with a fully qualified name (sqlserver.yourcompany.com, not just *.yourcompany.com)
I used to get this same error when I had a *.mycompany.com certificate installed, but when I tried with a self-signed certificate specifically made for that SQL server, Then everything worked.
The steps are as follows:
Assuming you have already generated a certificate and it's in your machine
In certificate manager find your certificate, right click, all tasks, manage public keys, Allow the SQL server user (usually NT service\MSSQLSERVER) access to the private keys.
From certificate manager, export the cert without private keys and import them into a client machine
Open SQL server configuration manager > network > protocols > right click > certificate, select the new certificate. apply
Restart the SQL server instance
I'm trying to set up TeamCity 9 locally to a local SQL Server Instance and getting the following error.
The connection to the host localhost, named instance (localdb)\v11.0 failed. Error: "java.net.SocketTimeoutException:
Receive timed out". Verify the server and instance names and check
that no firewall is blocking UDP traffic to port 1434. For SQL
Server 2005 or later, verify that the SQL Server Browser Service is
running on the host.
SQL exception: The connection to the host localhost, named instance (localdb)\v11.0 failed. Error:
"java.net.SocketTimeoutException: Receive timed out". Verify the
server and instance names and check that no firewall is blocking UDP
traffic to port 1434. For SQL Server 2005 or later, verify that the
SQL Server Browser Service is running on the host.
I've tested the connection via SSMS and the credentials I'm supplying the TC web set up are the same. The login has rights to the table.
Using sqljdbc41.jar
It has to be something simple.
Thanks!
It is difficult to know what might be the issue with your environment but I can tell you what worked for me. The key item was to use the JTDS JDBC driver rather than the Microsoft JDBC driver.
Download the latest driver from http://jtds.sourceforge.net/
Unpack the downloaded zip file into the %TEAMCITY_DATA_PATH%/config folder
If you are using NTLM (i.e. Windows) authentication to connect to your database then specify the following for the database.properties file:
# Database: Microsoft SQL server (via jtds driver)
connectionUrl=jdbc:jtds:sqlserver://localhost:1433/TeamCity
#connectionProperties.user=
#connectionProperties.password=
NOTE: This requires the TeamCity windows service to run under the credentials of the account that is the owner of the database. In addition, the ntlmauth.dll file needs to be copied from the JTDS zip file\x86\SSO folder to the TeamCityHome\bin folder as well.
If you are using SQL authentication to connect to your database then specify the following for the database.properties file:
# Database: Microsoft SQL server (via jtds driver)
connectionUrl=jdbc:jtds:sqlserver://localhost:1433/TeamCity
connectionProperties.user=<SQL Login Name>
connectionProperties.password=<SQL Login Password>
Because the JTDS driver does not have a default port to use, you must
specify a port in the value supplied for the connectionUrl.
If you use named instance you can specify the instance name by
following means:
For example if the instance name is sqlexpress then either add the
instance property into the connection URL, like the following:
connectionUrl=jdbc:jtds:sqlserver://localhost:1433/TeamCity;instance=sqlexpress
Or, specify corresponding property in the database.properties file:
connectionProperties.instance=sqlexpress
See also: http://confluence.jetbrains.com/display/TCD9/Setting+up+an+External+Database