我正在尝试在 spring boot 应用程序中使用其最新的 JDBC 驱动程序从 linux 连接到 SQL Server。当我使用 eclipse 运行 junit 测试用例时,出现“ssl handshake”错误。当我使用 mvn 在命令行中运行时,一切都很好。
我是否遗漏了什么或在我的配置中犯了任何错误:
@RunWith(SpringRunner.class)
@SpringBootTest
public class BarcodeRepositoryTest {
@Autowired
private BarcodeRepository addressRepository;
@Test
public void testFetchData() {
List<Barcode> addresses = addressRepository.findAll();
assertNotNull(addresses);
assertNotEquals(0, addresses.size());
}
}
spring.datasource.url=jdbc:sqlserver://[server]:1433;databaseName=ITTemp
spring.datasource.username=[username]
spring.datasource.password=[password]
spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
spring.jpa.show-sql=true
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.SQLServer2008Dialect
spring.jpa.hibernate.ddl-auto=none
错误堆栈跟踪:
Caused by: java.security.cert.CertificateException: Certificates do not conform to algorithm constraints at sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:1120) ~[na:1.8.0_172] at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:1044) ~[na:1.8.0_172] at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:986) ~[na:1.8.0_172] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[na:1.8.0_172] ... 86 common frames omitted Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on keysize limits. RSA 1024bit key used with certificate: CN=SSL_Self_Signed_Fallback. Usage was tls server at sun.security.util.DisabledAlgorithmConstraints$KeySizeConstraint.permits(DisabledAlgorithmConstraints.java:817) ~[na:1.8.0_172] at sun.security.util.DisabledAlgorithmConstraints$Constraints.permits(DisabledAlgorithmConstraints.java:419) ~[na:1.8.0_172] at sun.security.util.DisabledAlgorithmConstraints.permits(DisabledAlgorithmConstraints.java:167) ~[na:1.8.0_172] at sun.security.provider.certpath.AlgorithmChecker.check(AlgorithmChecker.java:332) ~[na:1.8.0_172] at sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:1116) ~[na:1.8.0_172]
当我从 eclipse 运行测试用例时,我看到了这个错误。
最佳答案
我在使用 SQL Server 2014 和 Open JDK 11 时遇到了同样的问题。我最终通过按照说明为 SQL Server 2014 实例创建自签名证书解决了这个问题:
此问题是因为 SQL Server 生成的默认自签名证书在尝试验证 SQL Server 实例提供的证书时使用了 JDK 不允许的一种或多种算法。关键是生成将被 JDK 接受的新的自签名证书(遵循上述指导)。添加回不允许的算法几乎肯定会导致使用较弱的加密。
关于sql-server - JDBC 驱动程序连接到 SQL Server 时出现 SSl 握手验证错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51489695/