Cannot connect to SQL server when SSL is enabled in JBoss EAP
Issue
-
My sqlserver is using a self-sign cert "app.cer". Then I copy the cert to jboss server.
-
1 ) I created a truststore using below command:
keytool -import -v -trustcacerts -alias myhost -file app.cer -keystore mykeystore.jks
And then I specify the truststore in standalone.xml file:
<system-properties>
...
<property name="javax.net.ssl.trustStore" value="/data/app_certificate/mykeystore.jks"/>
<property name="javax.net.ssl.trustStorePassword=xxxxxxxx"/>
</system-properties>
But when I startup I got the error:
05:49:38,885 WARN [org.jboss.jca.core.connectionmanager.pool.strategy.PoolBySubject] (ServerService Thread Pool -- 57) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: Could not create connection
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.getXAManagedConnection(XAManagedConnectionFactory.java:525)
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory$1.run(XAManagedConnectionFactory.java:416)
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory$1.run(XAManagedConnectionFactory.java:413)
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_71]
at javax.security.auth.Subject.doAs(Subject.java:415) [rt.jar:1.7.0_71]
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.createManagedConnection(XAManagedConnectionFactory.java:412)
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreArrayListManagedConnectionPool.createConnectionEventListener(SemaphoreArrayListManagedConnectionPool.java:834) [ironjacamar-core-impl-1.0.28.Final-redhat-1.jar:1.0.28.Final-redhat-1]
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreArrayListManagedConnectionPool.getConnection(SemaphoreArrayListManagedConnectionPool.java:379) [ironjacamar-core-impl-1.0.28.Final-redhat-1.jar:1.0.28.Final-redhat-1]
at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:406) [ironjacamar-core-impl-1.0.28.Final-redhat-1.jar:1.0.28.Final-redhat-1]
at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:378) [ironjacamar-core-impl-1.0.28.Final-redhat-1.jar:1.0.28.Final-redhat-1]
at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:354) [ironjacamar-core-impl-1.0.28.Final-redhat-1.jar:1.0.28.Final-redhat-1]
at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:368) [ironjacamar-core-impl-1.0.28.Final-redhat-1.jar:1.0.28.Final-redhat-1]
at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:491) [ironjacamar-core-impl-1.0.28.Final-redhat-1.jar:1.0.28.Final-redhat-1]
at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:143)
...
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Connection reset
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1667) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1654) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.TDSChannel.read(IOBuffer.java:1789) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.TDSReader.readPacket(IOBuffer.java:4838) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.TDSCommand.startResponse(IOBuffer.java:6154) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.TDSCommand.startResponse(IOBuffer.java:6106) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.SQLServerConnection$1ConnectionCommand.doExecute(SQLServerConnection.java:1756) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.TDSCommand.execute(IOBuffer.java:5696) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.SQLServerConnection.executeCommand(SQLServerConnection.java:1715) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectionCommand(SQLServerConnection.java:1761) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.SQLServerConnection.setTransactionIsolation(SQLServerConnection.java:2095) [sqljdbc4.jar:]
at com.microsoft.sqlserver.jdbc.SQLServerConnectionPoolProxy.setTransactionIsolation(SQLServerConnectionPoolProxy.java:171) [sqljdbc4.jar:]
at org.jboss.jca.adapters.jdbc.BaseWrapperManagedConnection.<init>(BaseWrapperManagedConnection.java:200)
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnection.<init>(XAManagedConnection.java:68)
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.newXAManagedConnection(XAManagedConnectionFactory.java:539)
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.getXAManagedConnection(XAManagedConnectionFactory.java:512)
... 46 more
- 2 ) I also tried to set the keystore setting in jdbc url. but still same error.
<xa-datasource-property name="URL">jdbc:sqlserver://system.my.org\\mydb:1443;databaseName=MyDatabase;encrypt=true;trustServerCertification=true;trustStore=/data/app_certificate/mykeystore.jks;trustStorePassword=xxxxxxxx</xa-datasource-property>
Environment
- OpenJDK 1.6.0
- OpenJDK 1.7.0
- Oracle JDK 1.6.0
- Oracle JDK 1.7.0
- MSSQL JDBC driver
- JBoss Enterprise Application Platform
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.