| From: | Dave Cramer <pg(at)fastcrypt(dot)com> |
|---|---|
| To: | David Wall <d(dot)wall(at)computer(dot)org> |
| Cc: | pgsql-jdbc(at)lists(dot)postgresql(dot)org |
| Subject: | Re: SSL connection issue with JDBC |
| Date: | 2019-05-17 19:21:03 |
| Message-ID: | CADK3HH+SqLfeW6Nsj3i+RHk5+WaCxSPt+3R4Sbj09A8=49G=+A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
One thing is the certs for java have to be in DER format.
https://github.com/pgjdbc/pgjdbc/blob/master/docs/documentation/head/connect.md
-
*Note:* The key file must be in DER format
<https://wiki.openssl.org/index.php/DER>. A PEM key can be converted to
DER format using the openssl command:
openssl pkcs8 -topk8 -inform PEM -in my.key -outform DER -out my.key.der
-
Dave Cramer
davec(at)postgresintl(dot)com
www.postgresintl.com
On Tue, 14 May 2019 at 13:07, David Wall <d(dot)wall(at)computer(dot)org> wrote:
> On 5/14/19 9:31 AM, Rob Sargent wrote:
>
>
> If I use *latest JDBC postgrsql driver "postgresql-42.2.5"* then I get
> below error.
>
> Anup
>
> Update you jdbc driver to current release.
>
>
> Sounds like that was done.
>
> Are you sure your SSL certs are recognized? The original exception
> suggests an issue with trust along the chain:
>
> Caused by: java.security.cert.CertPathValidatorException: The certificate
> issued by CN=certificate-authority is not trusted; internal cause is:
>
> java.security.cert.CertPathValidatorException: Certificate
> chaining error
>
> That does seem an unexpected CN. Both your java cacerts and postgres
> would have to share the CA certs needed to validate the full chain.
>
> David
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Anupkumar Seth | 2019-05-20 05:24:48 | RE: SSL connection issue with JDBC |
| Previous Message | David Wall | 2019-05-14 17:07:01 | Re: SSL connection issue with JDBC |