db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kristian Waagan <Kristian.Waa...@Sun.COM>
Subject Re: Network encryption and authentication with SSL/TLS
Date Mon, 18 May 2009 07:12:14 GMT
oluj@me.com wrote:
> Dear Derby Users
>
> Can anyone help me with the following:
>
> I have a derby network server install on a virtual private server machine.
>
> When the server is started in this fashion:
>
> RUNCOMMAND="bin/startNetworkServer -h 0.0.0.0"
>
> I can connect, insert, delete and query my database.
>
>
> However, when the server is started using this command:
>
> RUNCOMMAND="bin/startNetworkServer -h 0.0.0.0 -ssl peerAuthentication"
>
> I am not able to connect to access my database, and I am forever getting a 08001 error.
>
> I am using this code:
>
> System.setProperty("javax.net.ssl.keyStore","clientKeyStore.key");
> System.setProperty("javax.net.ssl.keyStorePassword","abc");
> String s = "jdbc:derby://domainName.com:1527/db;ssl=basic";
> Class.forName(org.apache.derby.jdbc.ClientDriver).newInstance();
> Connection c = DriverManager.getConnection(s);
>
>
> When I try to ping the server I get the following error:
>
> Invalid reply header from network server: Invalid string. Plaintext connection attempt
to an SSL enabled server?
>
> Could someone please explain why I cannot connect when the server does the authentication?
>   

Hello Steve,

Don't you have to use ssl=peerAuthentication on both the server and the 
client?
There is a white paper on security for Apache Derby / Java DB on the Sun 
Developer Network site [1] (look under "Reference"). It has a 
description / example on how to configure SSL.


FYI: You're using the DriverManager above, but note that there is an 
issue with SSL configuration in the ClientConnectionPoolDataSource and 
ClientXADataSource in Derby 10.4.2.0 and earlier versions.


-- 
Kristian

[1] http://developers.sun.com/javadb/index.jsp
> Thanks
> Steve
>   


Mime
View raw message