ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Wynkoop <robert.wynk...@gmail.com>
Subject Re: unexpected_message error when connecting to remote postgresql database over ssl
Date Fri, 10 Jan 2020 22:27:23 GMT
Bagas,

Also you try turning off ssl, since this is not your prod.

add ";sslfactory=org.postgresql.ssl.NonValidatingFactory"

to the end of your database connection string.

Robert Wynkoop
Still not an expert.

On Fri, Jan 10, 2020 at 4:08 PM Robert Wynkoop <robert.wynkoop@gmail.com>
wrote:

> Not an expert here.
>
> I see this in your log:
>
> Unparseable AuthorityInfoAccess extension due to
> java.io.IOException: URI name must include scheme:http//ocsp.ca.linode.com
>
> I know when doing a secure connection, the serer must return a cert where the issuer
can be validated.
>
> From your log:
>
> 2020-01-09 08:29:14.952 UTC [1893] LOG:  connection received: host=10.29.106.190 port=60432
>
> I do not believe 10.29.106.190 can be verified as a valid host.
>
> Hope this might help.
>
> Robert Wynkoop
>
>
> On Thu, Jan 9, 2020 at 2:55 AM Bagas Sanjaya <bagasdotme@gmail.com> wrote:
>
>> Hello,
>>
>> I'm trying loading OFBiz demo data (trunk version) to remote PostgreSQL
>> database.
>>
>> The system running the database use PostgreSQL 12. I connect to database
>> using PostgreSQL JDBC 42.2.8.
>>
>> I follow [JDBC
>> guide](https://jdbc.postgresql.org/documentation/91/ssl-client.html).
>>
>> The story short, I got `fatal alert: unexpected message` message, which
>> cause data loading to fail.
>>
>> However, when test connect to one of databases with `psql`, the database
>> can be connected successfully.
>>
>> On database instance side, the log shows at the time of error:
>>
>>  > could not accept SSL connection: ccs received early
>>
>> Full logs are available at:
>> [1] [PostgreSQL Server Log]http://paste.ubuntu.com/p/4Kn8wYPZDs/
>> [2] [OFBiz Log, with SSL Debug log until first
>> fail](http://paste.ubuntu.com/p/WBknj9DKQz/)
>>
>> Disabling SSL on the server (as well as setting appropriate JDBC
>> database URI) serve as workaround, unfortunately.
>>
>> So what's wrong here?
>>
>> Bagas
>>
>> --
>> An old man doll... just what I always wanted! - Clara
>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message