我正在尝试使用以下程序通过 SSL 从 Java 连接到 MySQL DB。
public class MySQLJDBC {
public static void main(String[] args) throws ClassNotFoundException, SQLException {
Class.forName("com.mysql.jdbc.Driver");
String m_host = "localhost";
String m_port = "3306";
String m_db = "test";
boolean isSSL = true;
String dbUrl = "jdbc:mysql://" + m_host + ":" + m_port + "/" + m_db + "?noDatetimeStringSync=true&verifyServerCertificate=false&useSSL=" +String.valueOf(isSSL);
String m_user = "root";
String m_pass = "Pass";
System.setProperty("javax.net.ssl.keyStore","D:/content/dev/connectors/Database (JDBC)/2011.1/src/mykeystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword","password");
System.setProperty("javax.net.ssl.trustStore","D:/content/dev/connectors/Database (JDBC)/2011.1/src/mystore.jks");
System.setProperty("javax.net.ssl.trustStorePassword","password");
DriverManager.getConnection(dbUrl, m_user, m_pass);
System.out.println(System.getProperty("javax.net.ssl.keyStore"));
}
}
如果我安装了客户端 keystore ,这将引发以下异常。
Exception in thread "main" com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
Last packet sent to the server was 328 ms ago.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:406)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1074)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2104)
at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:729)
at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:46)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:406)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:302)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:283)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at MySQLJDBC.main(MySQLJDBC.java:20)
Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
Last packet sent to the server was 328 ms ago.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:406)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1074)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:102)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4357)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1302)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2032)
... 12 more
Caused by: java.net.SocketException: Software caused connection abort: socket write error
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(Unknown Source)
at java.net.SocketOutputStream.write(Unknown Source)
at com.sun.net.ssl.internal.ssl.OutputRecord.writeBuffer(Unknown Source)
at com.sun.net.ssl.internal.ssl.OutputRecord.write(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecordInternal(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:87)
... 15 more
如果我注释掉 keystore 行,连接就会发生。
//System.setProperty("javax.net.ssl.keyStore","D:/content/dev/connectors/Database (JDBC)/2011.1/src/mykeystore.jks");
//System.setProperty("javax.net.ssl.keyStorePassword","password");,
然后连接就正常了。 我的问题是,
- 知道为什么我在使用指定的 keystore 时会收到此错误吗?
- 我不想要相互认证。因此我想告诉服务器不要验证客户端证书。这个有什么属性吗?
如有任何答案,我们将不胜感激。
最佳答案
如果它在没有 keystore 的情况下也能正常工作,那么 (a) 它里面的东西有问题,并且 (b) 无论如何你都不需要它。
如果您不想发送客户端证书,请不要指定包含客户端证书的 keystore 。
关于java - MySQL - Java SSL 连接抛出错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/11993002/