Posted to users@tomcat.apache.org by Magosányi Árpád <m4...@gmail.com> on 2019/10/22 10:56:28 UTC

postgresql jndi datasource with certificate authentication?

Hi!

Does anyone have a PostgreSQL JNDI datasource with certificate authentication
working?

I have the following in context.xml:

        <Resource name="jdbc/users" auth="Container"
          type="javax.sql.DataSource"
          driverClassName="org.postgresql.Driver"
          url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
          username="market" maxTotal="20" maxIdle="10"
          maxWaitMillis="-1"/>

I have this in ~tomcat/.postgresql:

root@market:/var/lib/tomcat9/.postgresql# ls -lL
total 11
-rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
-r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
-rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt

where the crt file is a PEM client certificate, root.crt is the CA cert,
and pk8 is the client key in DER PKCS-8 format.

The logs:

     NOTE: Picked up JDK_JAVA_OPTIONS: 
--add-opens=java.base/java.lang=ALL-UNNAMED
--add-opens=java.base/java.io=ALL-UNNAMED
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
     Server version name:   Apache Tomcat/9.0.16 (Ubuntu)
     Server built:          Sep 11 2019 19:47:51 UTC
     Server version number: 9.0.16.0
     OS Name:               Linux
     OS Version:            4.15.0-65-generic
     Architecture:          amd64
     Java Home:             /usr/lib/jvm/java-11-openjdk-amd64
     JVM Version:           11.0.4+11-post-Ubuntu-1ubuntu218.04.3
     JVM Vendor:            Ubuntu
     CATALINA_BASE:         /var/lib/tomcat9
     CATALINA_HOME:         /usr/share/tomcat9
     Command line argument: --add-opens=java.base/java.lang=ALL-UNNAMED
     Command line argument: --add-opens=java.base/java.io=ALL-UNNAMED
     Command line argument:
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
     Command line argument:
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties
     Command line argument:
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
     Command line argument: -Djava.awt.headless=true
     Command line argument: -XX:+UseG1GC
     Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
     Command line argument:
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources
     Command line argument:
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027
     Command line argument: -Dignore.endorsed.dirs=
     Command line argument: -Dcatalina.base=/var/lib/tomcat9
     Command line argument: -Dcatalina.home=/usr/share/tomcat9
     Command line argument: -Djava.io.tmpdir=/tmp
     Loaded APR based Apache Tomcat Native library [1.2.21] using APR
version [1.6.3].
     APR capabilities: IPv6 [true], sendfile [true], accept filters
[false], random [true].
     APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]
     OpenSSL successfully initialized [OpenSSL 1.1.1  11 Sep 2018]
     Initializing ProtocolHandler ["ajp-nio-8009"]
     Server initialization in [1,859] milliseconds
     Starting service [Catalina]
     Starting Servlet engine: [Apache Tomcat/9.0.16 (Ubuntu)]
     Deploying web application archive [/var/lib/tomcat9/webapps/market.war]
     SLF4J: Class path contains multiple SLF4J bindings.
     SLF4J: Found binding in
[jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/slf4j-simple-1.7.24.jar!/org/slf4j/impl/StaticLoggerBinder.class]
     SLF4J: Found binding in
[jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/logback-classic-1.2.3.jar!/org/slf4j/impl/StaticLoggerBinder.class]
     SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an
explanation.
     SLF4J: Actual binding is of type [org.slf4j.impl.SimpleLoggerFactory]
     3 Spring WebApplicationInitializers detected on classpath
     onStartup
     getContext
     getRootConfigClasses
     [main] INFO com.kodekonveyor.market.WebInitializer -
getRootConfigClasses
     getServletConfigClasses
     [main] INFO com.kodekonveyor.market.WebInitializer -
getServletConfigClasses
     getServletMappings
     [main] INFO com.kodekonveyor.market.WebInitializer - getServletMappings
     At least one JAR was scanned for TLDs yet contained no TLDs. Enable
debug logging for this logger for a complete list of JARs that were
scanned but no TLDs were found in them. Skipping unneeded JARs during
scanning can improve startup time and JSP compilation time.
     Initializing Spring root WebApplicationContext
     [main] INFO org.springframework.web.context.ContextLoader - Root
WebApplicationContext: initialization started
     [main] INFO
org.springframework.data.repository.config.RepositoryConfigurationDelegate
- Bootstrapping Spring Data repositories in DEFAULT mode.
     [main] INFO
org.springframework.data.repository.config.RepositoryConfigurationDelegate
- Finished Spring Data repository scanning in 198ms. Found 1 repository
interfaces.
     [main] INFO
org.springframework.data.repository.config.RepositoryConfigurationDelegate
- Bootstrapping Spring Data repositories in DEFAULT mode.
     [main] INFO
org.springframework.data.repository.config.RepositoryConfigurationDelegate
- Finished Spring Data repository scanning in 35ms. Found 1 repository
interfaces.
     [main] INFO
org.springframework.context.support.PostProcessorRegistrationDelegate$BeanPostProcessorChecker
- Bean
'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration'
of type
[org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration]
is not eligible for getting processed by all BeanPostProcessors (for
example: not eligible for auto-proxying)
     [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
Processing PersistenceUnitInfo [name: default]
     [main] INFO org.hibernate.Version - HHH000412: Hibernate Core
{5.4.6.Final}
     [main] INFO org.hibernate.annotations.common.Version - HCANN000001:
Hibernate Commons Annotations {5.1.0.Final}
     [main] WARN
org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
HHH000342: Could not obtain connection to query metadata : Cannot create
PoolableConnectionFactory (Could not find a java cryptographic
algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
     [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
dialect: org.hibernate.dialect.PostgreSQLDialect
     [main] INFO
org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
- HHH000490: Using JtaPlatform implementation:
[org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
     [main] INFO
org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
Initialized JPA EntityManagerFactory for persistence unit 'default'
     [main] WARN
org.springframework.boot.autoconfigure.orm.jpa.JpaBaseConfiguration$JpaWebConfiguration
- spring.jpa.open-in-view is enabled by default. Therefore, database
queries may be performed during view rendering. Explicitly configure
spring.jpa.open-in-view to disable this warning
     addResourceHandlers
     [main] INFO com.kodekonveyor.market.SpringConfig - addResourceHandlers
     viewResolver
     [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
     [main] INFO org.springframework.web.context.ContextLoader - Root
WebApplicationContext initialized in 12786 ms
     Initializing Spring DispatcherServlet 'DispatcherServlet'
     [main] INFO org.springframework.web.servlet.DispatcherServlet -
Initializing Servlet 'DispatcherServlet'
     [main] INFO org.springframework.web.servlet.DispatcherServlet -
Completed initialization in 17 ms
     Initializing Spring DispatcherServlet 'dispatcher'
     [main] INFO org.springframework.web.servlet.DispatcherServlet -
Initializing Servlet 'dispatcher'
     [main] INFO
org.springframework.data.repository.config.RepositoryConfigurationDelegate
- Bootstrapping Spring Data repositories in DEFAULT mode.
     [main] INFO
org.springframework.data.repository.config.RepositoryConfigurationDelegate
- Finished Spring Data repository scanning in 13ms. Found 1 repository
interfaces.
     [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
Processing PersistenceUnitInfo [name: default]
     [main] WARN
org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
HHH000342: Could not obtain connection to query metadata : Cannot create
PoolableConnectionFactory (Could not find a java cryptographic
algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
     [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
dialect: org.hibernate.dialect.PostgreSQLDialect
     [main] INFO
org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
- HHH000490: Using JtaPlatform implementation:
[org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
     [main] INFO
org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
Initialized JPA EntityManagerFactory for persistence unit 'default'
     addResourceHandlers
     [main] INFO com.kodekonveyor.market.SpringConfig - addResourceHandlers
     viewResolver
     [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
     [main] INFO org.springframework.web.servlet.DispatcherServlet -
Completed initialization in 1378 ms
     Deployment of web application archive
[/var/lib/tomcat9/webapps/market.war] has finished in [25,639] ms
     Deploying web application directory [/var/lib/tomcat9/webapps/ROOT]
     At least one JAR was scanned for TLDs yet contained no TLDs. Enable
debug logging for this logger for a complete list of JARs that were
scanned but no TLDs were found in them. Skipping unneeded JARs during
scanning can improve startup time and JSP compilation time.
     Deployment of web application directory
[/var/lib/tomcat9/webapps/ROOT] has finished in [1,491] ms
     Starting ProtocolHandler ["ajp-nio-8009"]
     Server startup in [27,448] milliseconds
     [ajp-nio-8009-exec-1] INFO
com.kodekonveyor.market.servlets.LoginServlet -
service:com.kodekonveyor.market.login.LoginService@3e6bbac6
     [ajp-nio-8009-exec-1] INFO
com.kodekonveyor.market.login.LoginService - LoginService.call
     [ajp-nio-8009-exec-1] INFO
com.kodekonveyor.market.login.LoginService - githubSecret:s4cred S3cr3t
     Hibernate: select user0_.id as id1_0_, user0_.auth0id as auth2_0_,
user0_.email as email3_0_, user0_.name as name4_0_ from User user0_
where user0_.auth0id=?
     [ajp-nio-8009-exec-1] WARN
org.hibernate.engine.jdbc.spi.SqlExceptionHelper - SQL Error: 0,
SQLState: null
     [ajp-nio-8009-exec-1] ERROR
org.hibernate.engine.jdbc.spi.SqlExceptionHelper - Cannot create
PoolableConnectionFactory (Could not find a java cryptographic
algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
     Servlet.service() for servlet
[com.kodekonveyor.market.servlets.LoginServlet] in context with path
[/market] threw exception
     org.springframework.orm.jpa.JpaSystemException: Unable to acquire
JDBC Connection; nested exception is
org.hibernate.exception.GenericJDBCException: Unable to acquire JDBC
Connection
         at
org.springframework.orm.jpa.vendor.HibernateJpaDialect.convertHibernateAccessException(HibernateJpaDialect.java:352)
         at
org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:254)
         at
org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:528)
         at
org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:61)
         at
org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:242)
         at
org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:153)
         at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
         at
org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:149)
         at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
         at
org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
         at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
         at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
         at com.sun.proxy.$Proxy75.findByAuth0id(Unknown Source)
         at
com.kodekonveyor.market.login.LoginService.call(LoginService.java:41)
         at
com.kodekonveyor.market.servlets.LoginServlet.doGet(LoginServlet.java:29)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
         at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
         at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
         at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
         at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
         at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
         at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
         at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
         at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
         at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
         at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
         at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
         at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
         at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
         at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
         at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
         at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
         at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
         at
org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:394)
         at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
         at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834)
         at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
         at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
         at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
         at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
         at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
         at java.base/java.lang.Thread.run(Thread.java:834)
     Caused by: org.hibernate.exception.GenericJDBCException: Unable to
acquire JDBC Connection
         at
org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)
         at
org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)
         at
org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:99)
         at
org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:107)
         at
org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.getPhysicalConnection(LogicalConnectionManagedImpl.java:134)
         at
org.hibernate.engine.jdbc.internal.StatementPreparerImpl.connection(StatementPreparerImpl.java:50)
         at
org.hibernate.engine.jdbc.internal.StatementPreparerImpl$5.doPrepare(StatementPreparerImpl.java:149)
         at
org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:176)
         at
org.hibernate.engine.jdbc.internal.StatementPreparerImpl.prepareQueryStatement(StatementPreparerImpl.java:151)
         at
org.hibernate.loader.Loader.prepareQueryStatement(Loader.java:2099)
         at
org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2029)
         at
org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2007)
         at org.hibernate.loader.Loader.doQuery(Loader.java:953)
         at
org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:354)
         at org.hibernate.loader.Loader.doList(Loader.java:2810)
         at org.hibernate.loader.Loader.doList(Loader.java:2792)
         at
org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2624)
         at org.hibernate.loader.Loader.list(Loader.java:2619)
         at org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:506)
         at
org.hibernate.hql.internal.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:396)
         at
org.hibernate.engine.query.spi.HQLQueryPlan.performList(HQLQueryPlan.java:219)
         at org.hibernate.internal.SessionImpl.list(SessionImpl.java:1410)
         at
org.hibernate.query.internal.AbstractProducedQuery.doList(AbstractProducedQuery.java:1558)
         at
org.hibernate.query.internal.AbstractProducedQuery.list(AbstractProducedQuery.java:1526)
         at org.hibernate.query.Query.getResultList(Query.java:165)
         at
org.hibernate.query.criteria.internal.compile.CriteriaQueryTypeQueryAdapter.getResultList(CriteriaQueryTypeQueryAdapter.java:76)
         at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
         at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
         at
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
         at java.base/java.lang.reflect.Method.invoke(Method.java:566)
         at
org.springframework.orm.jpa.SharedEntityManagerCreator$DeferredQueryInvocationHandler.invoke(SharedEntityManagerCreator.java:409)
         at com.sun.proxy.$Proxy87.getResultList(Unknown Source)
         at
org.springframework.data.jpa.repository.query.JpaQueryExecution$CollectionExecution.doExecute(JpaQueryExecution.java:126)
         at
org.springframework.data.jpa.repository.query.JpaQueryExecution.execute(JpaQueryExecution.java:88)
         at
org.springframework.data.jpa.repository.query.AbstractJpaQuery.doExecute(AbstractJpaQuery.java:154)
         at
org.springframework.data.jpa.repository.query.AbstractJpaQuery.execute(AbstractJpaQuery.java:142)
         at
org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.doInvoke(RepositoryFactorySupport.java:618)
         at
org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.invoke(RepositoryFactorySupport.java:605)
         at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
         at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:353)
         at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:99)
         at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
         at
org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:139)
         ... 38 more
     Caused by: java.sql.SQLException: Cannot create
PoolableConnectionFactory (Could not find a java cryptographic
algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
         at
org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:735)
         at
org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:605)
         at
org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:794)
         at
org.hibernate.engine.jdbc.connections.internal.DatasourceConnectionProviderImpl.getConnection(DatasourceConnectionProviderImpl.java:122)
         at
org.hibernate.internal.NonContextualJdbcConnectionAccess.obtainConnection(NonContextualJdbcConnectionAccess.java:38)
         at
org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:104)
         ... 77 more
     Caused by: org.postgresql.util.PSQLException: Could not find a java
cryptographic algorithm: Cannot find any provider supporting
1.2.840.113549.1.5.13.
         at
org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:253)
         at
java.base/sun.security.ssl.AbstractKeyManagerWrapper.getPrivateKey(SSLContextImpl.java:1764)
         at
java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createClientPossession(X509Authentication.java:197)
         at
java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createPossession(X509Authentication.java:154)
         at
java.base/sun.security.ssl.X509Authentication.createPossession(X509Authentication.java:87)
         at
java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.choosePossession(CertificateMessage.java:1052)
         at
java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:1073)
         at
java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:930)
         at
java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
         at
java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:981)
         at
java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:856)
         at
java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
         at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
         at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
         at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
         at
java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
         at
java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
         at
java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
         at
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
         at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:40)
         at
org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:441)
         at
org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:94)
         at
org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
         at
org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
         at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
         at org.postgresql.Driver.makeConnection(Driver.java:458)
         at org.postgresql.Driver.connect(Driver.java:260)
         at
org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:53)
         at
org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
         at
org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:116)
         at
org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:731)
         ... 82 more
     Caused by: java.security.NoSuchAlgorithmException: Cannot find any
provider supporting 1.2.840.113549.1.5.13
         at java.base/javax.crypto.Cipher.getInstance(Cipher.java:565)
         at
org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:205)
         ... 112 more


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: postgresql jndi datasource with certificate authentication?

Posted by Christopher Schultz <ch...@christopherschultz.net>.

Felix,

On 10/26/19 16:37, Felix Schumacher wrote:
> 
> On 22.10.19 at 20:07, Magosányi Árpád wrote:
>> Thank you all for the suggestions.
>> 
>> Based on the documentation, my setup should work: The server
>> certificate is already processed and accepted (I know that
>> because I could not get it right at the first try). The driver is
>> supposed to work with a PEM certificate and a pkcs-8 DER encoded
>> key, and those what I supply to it.
> 
> Is your key password protected? Have you tried to remove the
> password?

This was essentially resolved. The OP just didn't circle back to us.

If you look at the PR, it turns out that openssl changed behavior and
used a different encryption algorithm to encrypt the private key. The
pgsql JDBC driver has limited support for reading keys.

So basically, you have to make sure that openssl uses the deprecated
encryption strategy.

I'm looking at maybe providing a patch to their project, if only to
allow them to read something other than a binary DER key file. Yuck.
It's the only product I've ever seen that can ONLY take a binary file
and not e.g. PEM, keystore, whatever. Weird that they have a Java
product that can't use a Java keystore for its keys.

-chris

>> The problem seems to be that the java installation (openjdk-11)
>> does not have a cryptographic security provider understanding a
>> specific oid. What I understand is that BouncyCastle have that
>> security provider, and I should be able to configure it somewhere
>> either in the java setup or tomcat. I have already tried in the
>> java setup, but the documented way did not seem to work. I have
>> no idea how to configure it in Tomcat datasource, this is why I 
>> have asked here. The other reason is to see whether anyone have a
>> similar setup: if so, then someone already dealt with same
>> problem, and I should like to see how.
>> 
>> It's true that it seems to be a pgjdbc related problem: it does
>> not work with directly jdbc calls. I am trying to get help from
>> the jdbc guys, this is why I have an open issue there:
>> 
>> https://github.com/pgjdbc/pgjdbc/issues/1585
>> 
>> 
>> On 10/22/19 6:10 PM, Christopher Schultz wrote:
>>> Arpad,
>>> 
>>> On 10/22/19 12:19, logo wrote:
>>>>>>>> I have the following in context.xml:
>>>>>>>> 
>>>>>>>> <Resource name="jdbc/users" auth="Container"
>>>>>>>> type="javax.sql.DataSource"
>>>>>>>> driverClassName="org.postgresql.Driver"
>>>>>>>> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
>>>>>>>> username="market" maxTotal="20" maxIdle="10"
>>>>>>>> maxWaitMillis="-1"/>
>>>>>>>>
>>>>>>>> I have this in ~tomcat/.postgresql:
>>>>>>>>
>>>>>>>> root@market:/var/lib/tomcat9/.postgresql# ls -lL
>>>>>>>> total 11
>>>>>>>> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
>>>>>>>> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
>>>>>>>> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt
>>> The documentation for the driver[1] is a little unclear, but it
>>> seems that you can indeed specify the location of the client
>>> certificate using sslcert=/path/to/cert and sslkey=/path/to/key
>>> connection parameters. Their defaults are
>>> ${user.home}/.postgresql/postgresql.crt and
>>> ${user.home}/.postgresql/postgresql.pk8 (and 
>>> ${user.home}/.postgresql/root.crt for the root certificate).
>>> 
>>> So I think those settings should be working.
>>> 
>>> Under the notes in [1], it says:
>>> 
>>> " If you are using Java's default mechanism (not LibPQFactory)
>>> to create the SSL connection you will need to make the server
>>> certificate available to Java, the first step is to convert it
>>> to a form Java understands. "
>>> 
>>> I'm not sure what LibPQFactory is, but you may have to convert
>>> to PKCS12/JKS and use their process to use those certificates.
>>> 
>>> The documentation suggests that you will need to start your JVM
>>> with specific system properties to make your connection. IMO
>>> this is a terrible bug because it means you can't configure
>>> these things on a per-connection basis. The documentation is
>>> also incomplete because they only tell you how to configure a
>>> trust store (to trust the server) and not how to configure the
>>> key store (which contains your client certificate). The correct
>>> system properties to use for a key store are:
>>> 
>>> javax.net.ssl.keyStore  (path to keystore) 
>>> javax.net.ssl.keyStorePassword (password for keystore) 
>>> javax.net.ssl.keyStoreType (type of keystore, PKCS12, JCEKS,
>>> JKS, etc.)
>>> 
>>> At this point, all of your questions should be directed to the 
>>> PostgreSQL community since it's the driver you are having
>>> trouble configuring. It appears that Tomcat is working as
>>> expected and you just need help with the driver configuration.
>>> 
>>> Hope that helps, -chris
>>> 
>>> [1]
>>> https://jdbc.postgresql.org/documentation/head/ssl-client.html
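
Added example, not part of the original thread and not pgjdbc code: a Python check that reads the outer ASN.1 structure of a key file such as postgresql.pk8 and reports whether it is unencrypted PKCS#8, encrypted PKCS#8 (with the scheme OID, so 1.2.840.113549.1.5.13 from the stack trace can be recognised before deployment), PEM text, or some other DER. The function names and the sample byte strings are constructed for illustration; the samples are not real keys.

```python
"""Classify a key file: PEM text, unencrypted PKCS#8, encrypted PKCS#8, or other DER."""
import sys

# PKCS#5 scheme OIDs (RFC 8018). PBES2 is the OID named in the stack trace.
PBES2_OID = "1.2.840.113549.1.5.13"
SCHEMES = {
    "1.2.840.113549.1.5.3": "PBES1 pbeWithMD5AndDES-CBC",
    PBES2_OID: "PBES2",
}


def read_tlv(buf, pos, limit):
    """Parse one DER element at pos; return (tag, value_start, value_end)."""
    if pos + 2 > limit:
        raise ValueError("truncated DER element")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > limit:
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > limit:
        raise ValueError("DER element runs past its container")
    return tag, pos, pos + length


def decode_oid(body):
    """Decode the content bytes of an OBJECT IDENTIFIER to dotted notation."""
    subids, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:               # high bit clear ends a sub-identifier
            subids.append(value)
            value = 0
    if not subids or body[-1] & 0x80:
        raise ValueError("malformed OID")
    first = subids[0]
    head = (first // 40, first % 40) if first < 80 else (2, first - 80)
    return ".".join(str(n) for n in (*head, *subids[1:]))


def classify_key(data):
    """Return (kind, oid); kind is 'pem', 'pkcs8-plain', 'pkcs8-encrypted' or 'other-der'."""
    if data.lstrip().startswith(b"-----BEGIN"):
        return ("pem", None)              # text armor, not a binary DER file
    tag, start, end = read_tlv(data, 0, len(data))
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    first_tag, f_start, f_end = read_tlv(data, start, end)
    if first_tag == 0x30:
        # EncryptedPrivateKeyInfo ::= SEQUENCE { AlgorithmIdentifier, OCTET STRING }
        oid_tag, o_start, o_end = read_tlv(data, f_start, f_end)
        if oid_tag != 0x06:
            raise ValueError("AlgorithmIdentifier does not start with an OID")
        return ("pkcs8-encrypted", decode_oid(data[o_start:o_end]))
    if first_tag == 0x02:
        # PrivateKeyInfo ::= SEQUENCE { INTEGER version, AlgorithmIdentifier, ... }
        # PKCS#1 RSAPrivateKey also starts with INTEGER, but another INTEGER follows.
        second_tag, _, _ = read_tlv(data, f_end, end)
        return ("pkcs8-plain", None) if second_tag == 0x30 else ("other-der", None)
    return ("other-der", None)


def describe(data):
    """One-line human-readable verdict for a key file's bytes."""
    kind, oid = classify_key(data)
    if kind == "pkcs8-encrypted":
        name = SCHEMES.get(oid, "unrecognised scheme")
        note = " (the OID from the stack trace)" if oid == PBES2_OID else ""
        return f"encrypted PKCS#8, scheme {oid} = {name}{note}"
    return {"pem": "PEM text, not DER",
            "pkcs8-plain": "unencrypted PKCS#8 DER",
            "other-der": "DER, but not PKCS#8"}[kind]


def tlv(tag, body=b""):
    """Build a DER element (short-form length only; enough for the samples)."""
    return bytes([tag, len(body)]) + body


# Constructed samples: correct outer structure, dummy payloads, no key material.
SAMPLE_PBES2 = tlv(0x30, tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01050d"))
                             + tlv(0x30)) + tlv(0x04, b"\x00" * 8))
SAMPLE_PBES1 = tlv(0x30, tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010503"))
                             + tlv(0x30, tlv(0x04, b"\x01" * 8) + tlv(0x02, b"\x08\x00")))
                   + tlv(0x04, b"\x00" * 8))
SAMPLE_PLAIN = tlv(0x30, tlv(0x02, b"\x00")
                   + tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")) + tlv(0x05))
                   + tlv(0x04, b"\x00" * 4))
SAMPLE_PKCS1 = tlv(0x30, tlv(0x02, b"\x00") + tlv(0x02, b"\x05") + tlv(0x02, b"\x03"))

if __name__ == "__main__":
    if len(sys.argv) > 1:                 # classify a real file given on the command line
        with open(sys.argv[1], "rb") as fh:
            print(describe(fh.read()))
    else:                                 # otherwise walk the constructed samples
        for label, sample in (("PBES2", SAMPLE_PBES2), ("PBES1", SAMPLE_PBES1),
                              ("plain", SAMPLE_PLAIN), ("PKCS#1", SAMPLE_PKCS1)):
            print(f"{label}: {describe(sample)}")
```

The check only identifies the container and scheme; it does not decrypt anything and says nothing about which schemes a given driver version accepts.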


Re: postgresql jndi datasource with certificate authentication?

Posted by Felix Schumacher <fe...@internetallee.de>.
On 22.10.19 at 20:07, Magosányi Árpád wrote:
> Thank you all for the suggestions.
>
> Based on the documentation, my setup should work: The server certificate
> is already processed and accepted (I know that because I could not get
> it right at the first try). The driver is supposed to work with a PEM
> certificate and a pkcs-8 DER encoded key, and those what I supply to it.

Is your key password protected? Have you tried to remove the password?

Felix

>
> The problem seems to be that the java installation (openjdk-11) does not
> have a cryptographic security provider understanding a specific oid.
> What I understand is that BouncyCastle have that security provider, and
> I should be able to configure it somewhere either in the java setup or
> tomcat.
> I have already tried in the java setup, but the documented way did not
> seem to work.
> I have no idea how to configure it in Tomcat datasource, this is why I
> have asked here.
> The other reason is to see whether anyone has a similar setup: if so,
> then someone already dealt with the same problem, and I should like to see how.
>
> It's true that it seems to be a pgjdbc related problem: it does not work
> with direct jdbc calls. I am trying to get help from the jdbc guys,
> this is why I have an open issue there:
>
> https://github.com/pgjdbc/pgjdbc/issues/1585
>
>
> On 10/22/19 6:10 PM, Christopher Schultz wrote:
>> Arpad,
>>
>> On 10/22/19 12:19, logo wrote:
>>>>>>> I have the following in context.xml:
>>>>>>>
>>>>>>>          <Resource name="jdbc/users" auth="Container"
>>>>>>>            type="javax.sql.DataSource"
>>>>>>> driverClassName="org.postgresql.Driver"
>>>>>>> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
>>>>>>>
>>>>>>>
>>>>>>>            username="market" maxTotal="20" maxIdle="10"
>>>>>>>            maxWaitMillis="-1"/>
>>>>>>>
>>>>>>> I have this in ~tomcat/.postgresql:
>>>>>>>
>>>>>>> root@market:/var/lib/tomcat9/.postgresql# ls -lL
>>>>>>> total 11
>>>>>>> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
>>>>>>> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
>>>>>>> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt
>> The documentation for the driver[1] is a little unclear, but it seems
>> that you can indeed specify the location of the client certificate
>> using sslcert=/path/to/cert and sslkey=/path/to/key connection
>> parameters. Their defaults are ${user.home}/.postgresql/postgresql.crt
>> and ${user.home}/.postgresql/postgresql.pk8 (and
>> ${user.home}/.postgresql/root.crt for the root certificate).
>>
>> So I think those settings should be working.
>>
>> Under the notes in [1], it says:
>>
>> "
>> If you are using Java's default mechanism (not LibPQFactory) to create
>> the SSL connection you will need to make the server certificate
>> available to Java, the first step is to convert it to a form Java
>> understands.
>> "
>>
>> I'm not sure what LibPQFactory is, but you may have to convert to
>> PKCS12/JKS and use their process to use those certificates.
>>
>> The documentation suggests that you will need to start your JVM with
>> specific system properties to make your connection. IMO this is a
>> terrible bug because it means you can't configure these things on a
>> per-connection basis. The documentation is also incomplete because
>> they only tell you how to configure a trust store (to trust the
>> server) and not how to configure the key store (which contains your
>> client certificate). The correct system properties to use for a key
>> store are:
>>
>> javax.net.ssl.keyStore  (path to keystore)
>> javax.net.ssl.keyStorePassword (password for keystore)
>> javax.net.ssl.keyStoreType (type of keystore, PKCS12, JCEKS, JKS, etc.)
>>
>> At this point, all of your questions should be directed to the
>> PostgreSQL community since it's the driver you are having trouble
>> configuring. It appears that Tomcat is working as expected and you
>> just need help with the driver configuration.
>>
>> Hope that helps,
>> -chris
>>
>> [1] https://jdbc.postgresql.org/documentation/head/ssl-client.html
>
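
Felix's question can be answered from the key file itself. The following is an added example (not part of the thread, and not pgjdbc or Tomcat code): it parses the outer DER structure of a PKCS#8 file and reports whether it is a password-protected EncryptedPrivateKeyInfo and which algorithm OID it names; 1.2.840.113549.1.5.13, the OID in the logged error, identifies PBES2. The function names are this example's own and the two embedded byte strings are constructed samples with dummy key material.

```python
"""Classify a PKCS#8 DER key file (such as postgresql.pk8) as encrypted or not."""
import sys

PBES2_OID = "1.2.840.113549.1.5.13"  # the OID quoted in the thread's error message

KNOWN_OIDS = {
    PBES2_OID: "PBES2 (password-based encryption scheme 2)",
    "1.2.840.113549.1.1.1": "rsaEncryption",
    "1.2.840.10045.2.1": "id-ecPublicKey",
}

TAG_INTEGER, TAG_OID, TAG_SEQUENCE = 0x02, 0x06, 0x30

# Constructed samples: correct outer structure, dummy parameters and key bytes.
SAMPLE_ENCRYPTED = bytes.fromhex("3015300d06092a864886f70d01050d30000404deadbeef")
SAMPLE_PLAIN = bytes.fromhex("3018020100300d06092a864886f70d01010105000404deadbeef")


def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("DER length runs past end of input")
    return tag, buf[pos:end], end


def decode_oid(value):
    """Decode the content octets of an OBJECT IDENTIFIER to dotted notation."""
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, acc = [], 0
    for byte in value:
        acc = (acc << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear marks the last octet of an arc
            arcs.append(acc)
            acc = 0
    first = arcs[0]  # the first two arcs are packed into one value
    if first < 40:
        head = [0, first]
    elif first < 80:
        head = [1, first - 40]
    else:
        head = [2, first - 80]
    return ".".join(str(a) for a in head + arcs[1:])


def classify_pkcs8(data):
    """Tell PrivateKeyInfo (unencrypted) from EncryptedPrivateKeyInfo.

    PrivateKeyInfo starts with an INTEGER version; EncryptedPrivateKeyInfo
    starts directly with the encryption AlgorithmIdentifier SEQUENCE.
    """
    if data.lstrip().startswith(b"-----BEGIN"):
        raise ValueError("input is PEM; this check expects DER")
    tag, body, end = read_tlv(data, 0)
    if tag != TAG_SEQUENCE or end != len(data):
        raise ValueError("not a single DER SEQUENCE")
    first_tag, first_val, nxt = read_tlv(body, 0)
    if first_tag == TAG_INTEGER:
        encrypted = False
        alg_tag, alg_val, _ = read_tlv(body, nxt)
    elif first_tag == TAG_SEQUENCE:
        encrypted = True
        alg_tag, alg_val = first_tag, first_val
    else:
        raise ValueError("not a PKCS#8 structure")
    if alg_tag != TAG_SEQUENCE:
        raise ValueError("missing AlgorithmIdentifier")
    oid_tag, oid_val, _ = read_tlv(alg_val, 0)
    if oid_tag != TAG_OID:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    oid = decode_oid(oid_val)
    return {
        "encrypted": encrypted,
        "algorithm_oid": oid,
        "algorithm": KNOWN_OIDS.get(oid, "unknown"),
    }


if __name__ == "__main__":
    # Usage: python3 check_pk8.py /var/lib/tomcat9/.postgresql/postgresql.pk8
    if len(sys.argv) == 2:
        with open(sys.argv[1], "rb") as fh:
            print(classify_pkcs8(fh.read()))
    else:
        print("encrypted sample:", classify_pkcs8(SAMPLE_ENCRYPTED))
        print("plain sample:    ", classify_pkcs8(SAMPLE_PLAIN))
```

A result with "encrypted": True and the PBES2 OID means the key is password protected, so the JVM needs a provider that can build a cipher for that OID before the key can be read.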



Re: postgresql jndi datasource with certificate authentication?

Posted by Magosányi Árpád <m4...@gmail.com>.
Thank you all for the suggestions.

Based on the documentation, my setup should work: The server certificate
is already processed and accepted (I know that because I could not get
it right at the first try). The driver is supposed to work with a PEM
certificate and a pkcs-8 DER encoded key, and those are what I supply to it.

The problem seems to be that the java installation (openjdk-11) does not
have a cryptographic security provider understanding a specific oid.
What I understand is that BouncyCastle has that security provider, and
I should be able to configure it somewhere either in the java setup or
tomcat.
I have already tried in the java setup, but the documented way did not
seem to work.
I have no idea how to configure it in Tomcat datasource, this is why I
have asked here.
The other reason is to see whether anyone has a similar setup: if so,
then someone already dealt with the same problem, and I should like to see how.

It's true that it seems to be a pgjdbc related problem: it does not work
with direct jdbc calls. I am trying to get help from the jdbc guys,
this is why I have an open issue there:

https://github.com/pgjdbc/pgjdbc/issues/1585


On 10/22/19 6:10 PM, Christopher Schultz wrote:
> Arpad,
>
> On 10/22/19 12:19, logo wrote:
>>>>>> I have the following in context.xml:
>>>>>>
>>>>>>          <Resource name="jdbc/users" auth="Container"
>>>>>>            type="javax.sql.DataSource"
>>>>>> driverClassName="org.postgresql.Driver"
>>>>>> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
>>>>>>
>>>>>>
>>>>>>            username="market" maxTotal="20" maxIdle="10"
>>>>>>            maxWaitMillis="-1"/>
>>>>>>
>>>>>> I have this in ~tomcat/.postgresql:
>>>>>>
>>>>>> root@market:/var/lib/tomcat9/.postgresql# ls -lL
>>>>>> total 11
>>>>>> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
>>>>>> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
>>>>>> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt
>
> The documentation for the driver[1] is a little unclear, but it seems
> that you can indeed specify the location of the client certificate
> using sslcert=/path/to/cert and sslkey=/path/to/key connection
> parameters. Their defaults are ${user.home}/.postgresql/postgresql.crt
> and ${user.home}/.postgresql/postgresql.pk8 (and
> ${user.home}/.postgresql/root.crt for the root certificate).
>
> So I think those settings should be working.
>
> Under the notes in [1], it says:
>
> "
> If you are using Java's default mechanism (not LibPQFactory) to create
> the SSL connection you will need to make the server certificate
> available to Java, the first step is to convert it to a form Java
> understands.
> "
>
> I'm not sure what LibPQFactory is, but you may have to convert to
> PKCS12/JKS and use their process to use those certificates.
>
> The documentation suggests that you will need to start your JVM with
> specific system properties to make your connection. IMO this is a
> terrible bug because it means you can't configure these things on a
> per-connection basis. The documentation is also incomplete because
> they only tell you how to configure a trust store (to trust the
> server) and not how to configure the key store (which contains your
> client certificate). The correct system properties to use for a key
> store are:
>
> javax.net.ssl.keyStore  (path to keystore)
> javax.net.ssl.keyStorePassword (password for keystore)
> javax.net.ssl.keyStoreType (type of keystore, PKCS12, JCEKS, JKS, etc.)
>
> At this point, all of your questions should be directed to the
> PostgreSQL community since it's the driver you are having trouble
> configuring. It appears that Tomcat is working as expected and you
> just need help with the driver configuration.
>
> Hope that helps,
> -chris
>
> [1] https://jdbc.postgresql.org/documentation/head/ssl-client.html




Re: postgresql jndi datasource with certificate authentication?

Posted by Christopher Schultz <ch...@christopherschultz.net>.
Arpad,

On 10/22/19 12:19, logo wrote:
>>>>> I have the following in context.xml:
>>>>>
>>>>>          <Resource name="jdbc/users" auth="Container"
>>>>>            type="javax.sql.DataSource"
>>>>> driverClassName="org.postgresql.Driver"
>>>>> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca" 
>>>>>
>>>>>
>>>>>            username="market" maxTotal="20" maxIdle="10"
>>>>>            maxWaitMillis="-1"/>
>>>>>
>>>>> I have this in ~tomcat/.postgresql:
>>>>>
>>>>> root@market:/var/lib/tomcat9/.postgresql# ls -lL
>>>>> total 11
>>>>> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
>>>>> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
>>>>> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt

The documentation for the driver[1] is a little unclear, but it seems 
that you can indeed specify the location of the client certificate using 
sslcert=/path/to/cert and sslkey=/path/to/key connection parameters. 
Their defaults are ${user.home}/.postgresql/postgresql.crt and 
${user.home}/.postgresql/postgresql.pk8 (and 
${user.home}/.postgresql/root.crt for the root certificate).

So I think those settings should be working.

Under the notes in [1], it says:

"
If you are using Java's default mechanism (not LibPQFactory) to create 
the SSL connection you will need to make the server certificate 
available to Java, the first step is to convert it to a form Java 
understands.
"

I'm not sure what LibPQFactory is, but you may have to convert to 
PKCS12/JKS and use their process to use those certificates.

The documentation suggests that you will need to start your JVM with 
specific system properties to make your connection. IMO this is a 
terrible bug because it means you can't configure these things on a 
per-connection basis. The documentation is also incomplete because they 
only tell you how to configure a trust store (to trust the server) and 
not how to configure the key store (which contains your client 
certificate). The correct system properties to use for a key store are:

javax.net.ssl.keyStore  (path to keystore)
javax.net.ssl.keyStorePassword (password for keystore)
javax.net.ssl.keyStoreType (type of keystore, PKCS12, JCEKS, JKS, etc.)

At this point, all of your questions should be directed to the 
PostgreSQL community since it's the driver you are having trouble 
configuring. It appears that Tomcat is working as expected and you just 
need help with the driver configuration.

Hope that helps,
-chris

[1] https://jdbc.postgresql.org/documentation/head/ssl-client.html



Re: postgresql jndi datasource with certificate authentication?

Posted by logo <lo...@kreuser.name>.
Arpad and Chris,


On 2019-10-22 18:07, Christopher Schultz wrote:
> Magosányi,
> 
> On 10/22/19 11:09, Magosányi Árpád wrote:
>> As I understand you are suggesting to use direct connection to the 
>> database.
>> The servlet needs a JNDI datasource, and the question is about
>> configuring that datasource in tomcat.
>> As I can modify the servlet, I could choose to set up hibernate in 
>> other
>> ways, but I would like to separate the concerns of providing the
>> database and using it between the operations staff and development.
>> And JNDI is exactly for that.
> 
> I think Peter was suggesting that you change your connection URL and
> the format of your keystore.
> 

+1

> PKCS#8 is not a recognized format for Java keystores; you'll need to
> use JKS or PKCS#12 (recommended, as JKS is being deprecated).
> 

I was looking for the right type name. Thanks Chris.

Peter

> -chris
> 
>> On 10/22/19 2:27 PM, logo wrote:
>>> Arpad,
>>> 
>>> have you tried sth like this:
>>> 
>>>          StringBuffer sb = new
>>> StringBuffer("jdbc:postgresql://infra.kodekonveyor.com:5432/users?useSSL=true&useUnicode=true&characterEncoding=UTF-8&");
>>>          sb.append("user=market&password=<pw>&");
>>>         
>>> sb.append("clientCertificateKeyStoreUrl=file:////var/lib/tomcat9/.postgresql/client.jks&");
>>>          sb.append("clientCertificateKeyStorePassword=changeit");
>>> 
>>>          Connection c = DriverManager.getConnection(sb.toString());
>>> 
>>> and convert the pem certificate to JKS/P12 ? I have this working in
>>> mysql...
>>> 
>>> Peter
>>> 
>>> On 2019-10-22 12:56, Magosányi Árpád wrote:
>>>> Hi!
>>>> 
>>>> Anyone have a postgresql jndi datasource with certificate 
>>>> authentication
>>>> working?
>>>> 
>>>> I have the following in context.xml:
>>>> 
>>>>          <Resource name="jdbc/users" auth="Container"
>>>>            type="javax.sql.DataSource"
>>>> driverClassName="org.postgresql.Driver"
>>>>           
>>>> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
>>>> 
>>>>            username="market" maxTotal="20" maxIdle="10"
>>>>            maxWaitMillis="-1"/>
>>>> 
>>>> I have this in ~tomcat/.postgresql:
>>>> 
>>>> root@market:/var/lib/tomcat9/.postgresql# ls -lL
>>>> total 11
>>>> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
>>>> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
>>>> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt
>>>> 
>>>> where the crt file is a pem client certificate, root.crt is the ca 
>>>> cert,
>>>> and pk8 is the client key in der pkcs-8 format.
>>>> 
>>>> The logs:
>>>> 
>>>>       NOTE: Picked up JDK_JAVA_OPTIONS:
>>>> --add-opens=java.base/java.lang=ALL-UNNAMED
>>>> --add-opens=java.base/java.io=ALL-UNNAMED
>>>> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>>>>       Server version name:   Apache Tomcat/9.0.16 (Ubuntu)
>>>>       Server built:          Sep 11 2019 19:47:51 UTC
>>>>       Server version number: 9.0.16.0
>>>>       OS Name:               Linux
>>>>       OS Version:            4.15.0-65-generic
>>>>       Architecture:          amd64
>>>>       Java Home:             /usr/lib/jvm/java-11-openjdk-amd64
>>>>       JVM Version:           11.0.4+11-post-Ubuntu-1ubuntu218.04.3
>>>>       JVM Vendor:            Ubuntu
>>>>       CATALINA_BASE:         /var/lib/tomcat9
>>>>       CATALINA_HOME:         /usr/share/tomcat9
>>>>       Command line argument: 
>>>> --add-opens=java.base/java.lang=ALL-UNNAMED
>>>>       Command line argument: 
>>>> --add-opens=java.base/java.io=ALL-UNNAMED
>>>>       Command line argument:
>>>> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>>>>       Command line argument:
>>>> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties
>>>>       Command line argument:
>>>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
>>>>       Command line argument: -Djava.awt.headless=true
>>>>       Command line argument: -XX:+UseG1GC
>>>>       Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
>>>>       Command line argument:
>>>> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
>>>>       Command line argument:
>>>> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
>>>>       Command line argument: -Dignore.endorsed.dirs=
>>>>       Command line argument: -Dcatalina.base=/var/lib/tomcat9
>>>>       Command line argument: -Dcatalina.home=/usr/share/tomcat9
>>>>       Command line argument: -Djava.io.tmpdir=/tmp
>>>>       Loaded APR based Apache Tomcat Native library [1.2.21] using 
>>>> APR
>>>> version [1.6.3].
>>>>       APR capabilities: IPv6 [true], sendfile [true], accept filters
>>>> [false], random [true].
>>>>       APR/OpenSSL configuration: useAprConnector [false], useOpenSSL
>>>> [true]
>>>>       OpenSSL successfully initialized [OpenSSL 1.1.1  11 Sep 2018]
>>>>       Initializing ProtocolHandler ["ajp-nio-8009"]
>>>>       Server initialization in [1,859] milliseconds
>>>>       Starting service [Catalina]
>>>>       Starting Servlet engine: [Apache Tomcat/9.0.16 (Ubuntu)]
>>>>       Deploying web application archive
>>>> [/var/lib/tomcat9/webapps/market.war]
>>>>       SLF4J: Class path contains multiple SLF4J bindings.
>>>>       SLF4J: Found binding in
>>>> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/slf4j-simple-1.7.24.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>>>> 
>>>>       SLF4J: Found binding in
>>>> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/logback-classic-1.2.3.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>>>> 
>>>>       SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings 
>>>> for an
>>>> explanation.
>>>>       SLF4J: Actual binding is of type
>>>> [org.slf4j.impl.SimpleLoggerFactory]
>>>>       3 Spring WebApplicationInitializers detected on classpath
>>>>       onStartup
>>>>       getContext
>>>>       getRootConfigClasses
>>>>       [main] INFO com.kodekonveyor.market.WebInitializer -
>>>> getRootConfigClasses
>>>>       getServletConfigClasses
>>>>       [main] INFO com.kodekonveyor.market.WebInitializer -
>>>> getServletConfigClasses
>>>>       getServletMappings
>>>>       [main] INFO com.kodekonveyor.market.WebInitializer -
>>>> getServletMappings
>>>>       At least one JAR was scanned for TLDs yet contained no TLDs. 
>>>> Enable
>>>> debug logging for this logger for a complete list of JARs that were
>>>> scanned but no TLDs were found in them. Skipping unneeded JARs 
>>>> during
>>>> scanning can improve startup time and JSP compilation time.
>>>>       Initializing Spring root WebApplicationContext
>>>>       [main] INFO org.springframework.web.context.ContextLoader - 
>>>> Root
>>>> WebApplicationContext: initialization started
>>>>       [main] INFO
>>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>> 
>>>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>>>       [main] INFO
>>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>> 
>>>> - Finished Spring Data repository scanning in 198ms. Found 1 
>>>> repository
>>>> interfaces.
>>>>       [main] INFO
>>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>> 
>>>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>>>       [main] INFO
>>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>> 
>>>> - Finished Spring Data repository scanning in 35ms. Found 1 
>>>> repository
>>>> interfaces.
>>>>       [main] INFO
>>>> org.springframework.context.support.PostProcessorRegistrationDelegate$BeanPostProcessorChecker
>>>> 
>>>> - Bean
>>>> 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration'
>>>> 
>>>> of type
>>>> [org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration]
>>>> 
>>>> is not eligible for getting processed by all BeanPostProcessors (for
>>>> example: not eligible for auto-proxying)
>>>>       [main] INFO org.hibernate.jpa.internal.util.LogHelper - 
>>>> HHH000204:
>>>> Processing PersistenceUnitInfo [name: default]
>>>>       [main] INFO org.hibernate.Version - HHH000412: Hibernate Core
>>>> {5.4.6.Final}
>>>>       [main] INFO org.hibernate.annotations.common.Version - 
>>>> HCANN000001:
>>>> Hibernate Commons Annotations {5.1.0.Final}
>>>>       [main] WARN
>>>> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
>>>> HHH000342: Could not obtain connection to query metadata : Cannot 
>>>> create
>>>> PoolableConnectionFactory (Could not find a java cryptographic
>>>> algorithm: Cannot find any provider supporting 
>>>> 1.2.840.113549.1.5.13.)
>>>>       [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
>>>> dialect: org.hibernate.dialect.PostgreSQLDialect
>>>>       [main] INFO
>>>> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
>>>> 
>>>> - HHH000490: Using JtaPlatform implementation:
>>>> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>>>>       [main] INFO
>>>> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
>>>> Initialized JPA EntityManagerFactory for persistence unit 'default'
>>>>       [main] WARN
>>>> org.springframework.boot.autoconfigure.orm.jpa.JpaBaseConfiguration$JpaWebConfiguration
>>>> 
>>>> - spring.jpa.open-in-view is enabled by default. Therefore, database
>>>> queries may be performed during view rendering. Explicitly configure
>>>> spring.jpa.open-in-view to disable this warning
>>>>       addResourceHandlers
>>>>       [main] INFO com.kodekonveyor.market.SpringConfig -
>>>> addResourceHandlers
>>>>       viewResolver
>>>>       [main] INFO com.kodekonveyor.market.SpringConfig - 
>>>> viewResolver
>>>>       [main] INFO org.springframework.web.context.ContextLoader - 
>>>> Root
>>>> WebApplicationContext initialized in 12786 ms
>>>>       Initializing Spring DispatcherServlet 'DispatcherServlet'
>>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet 
>>>> -
>>>> Initializing Servlet 'DispatcherServlet'
>>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet 
>>>> -
>>>> Completed initialization in 17 ms
>>>>       Initializing Spring DispatcherServlet 'dispatcher'
>>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet 
>>>> -
>>>> Initializing Servlet 'dispatcher'
>>>>       [main] INFO
>>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>> 
>>>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>>>       [main] INFO
>>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>> 
>>>> - Finished Spring Data repository scanning in 13ms. Found 1 
>>>> repository
>>>> interfaces.
>>>>       [main] INFO org.hibernate.jpa.internal.util.LogHelper - 
>>>> HHH000204:
>>>> Processing PersistenceUnitInfo [name: default]
>>>>       [main] WARN
>>>> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
>>>> HHH000342: Could not obtain connection to query metadata : Cannot 
>>>> create
>>>> PoolableConnectionFactory (Could not find a java cryptographic
>>>> algorithm: Cannot find any provider supporting 
>>>> 1.2.840.113549.1.5.13.)
>>>>       [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
>>>> dialect: org.hibernate.dialect.PostgreSQLDialect
>>>>       [main] INFO
>>>> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
>>>> 
>>>> - HHH000490: Using JtaPlatform implementation:
>>>> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>>>>       [main] INFO
>>>> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
>>>> Initialized JPA EntityManagerFactory for persistence unit 'default'
>>>>       addResourceHandlers
>>>>       [main] INFO com.kodekonveyor.market.SpringConfig -
>>>> addResourceHandlers
>>>>       viewResolver
>>>>       [main] INFO com.kodekonveyor.market.SpringConfig - 
>>>> viewResolver
>>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet 
>>>> -
>>>> Completed initialization in 1378 ms
>>>>       Deployment of web application archive
>>>> [/var/lib/tomcat9/webapps/market.war] has finished in [25,639] ms
>>>>       Deploying web application directory 
>>>> [/var/lib/tomcat9/webapps/ROOT]
>>>>       At least one JAR was scanned for TLDs yet contained no TLDs. 
>>>> Enable
>>>> debug logging for this logger for a complete list of JARs that were
>>>> scanned but no TLDs were found in them. Skipping unneeded JARs 
>>>> during
>>>> scanning can improve startup time and JSP compilation time.
>>>>       Deployment of web application directory
>>>> [/var/lib/tomcat9/webapps/ROOT] has finished in [1,491] ms
>>>>       Starting ProtocolHandler ["ajp-nio-8009"]
>>>>       Server startup in [27,448] milliseconds
>>>>       [ajp-nio-8009-exec-1] INFO
>>>> com.kodekonveyor.market.servlets.LoginServlet -
>>>> service:com.kodekonveyor.market.login.LoginService@3e6bbac6
>>>>       [ajp-nio-8009-exec-1] INFO
>>>> com.kodekonveyor.market.login.LoginService - LoginService.call
>>>>       [ajp-nio-8009-exec-1] INFO
>>>> com.kodekonveyor.market.login.LoginService - githubSecret:s4cred 
>>>> S3cr3t
>>>>       Hibernate: select user0_.id as id1_0_, user0_.auth0id as 
>>>> auth2_0_,
>>>> user0_.email as email3_0_, user0_.name as name4_0_ from User user0_
>>>> where user0_.auth0id=?
>>>>       [ajp-nio-8009-exec-1] WARN
>>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - SQL Error: 0,
>>>> SQLState: null
>>>>       [ajp-nio-8009-exec-1] ERROR
>>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - Cannot create
>>>> PoolableConnectionFactory (Could not find a java cryptographic
>>>> algorithm: Cannot find any provider supporting 
>>>> 1.2.840.113549.1.5.13.)
>>>>       Servlet.service() for servlet
>>>> [com.kodekonveyor.market.servlets.LoginServlet] in context with path
>>>> [/market] threw exception
>>>>       org.springframework.orm.jpa.JpaSystemException: Unable to 
>>>> acquire
>>>> JDBC Connection; nested exception is
>>>> org.hibernate.exception.GenericJDBCException: Unable to acquire JDBC
>>>> Connection
>>>>           at
>>>> org.springframework.orm.jpa.vendor.HibernateJpaDialect.convertHibernateAccessException(HibernateJpaDialect.java:352)
>>>> 
>>>>           at
>>>> org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:254)
>>>> 
>>>>           at
>>>> org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:528)
>>>> 
>>>>           at
>>>> org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:61)
>>>> 
>>>>           at
>>>> org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:242)
>>>> 
>>>>           at
>>>> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:153)
>>>> 
>>>>           at
>>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>> 
>>>>           at
>>>> org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:149)
>>>> 
>>>>           at
>>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>> 
>>>>           at
>>>> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
>>>> 
>>>>           at
>>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>> 
>>>>           at
>>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>>>> 
>>>>           at com.sun.proxy.$Proxy75.findByAuth0id(Unknown Source)
>>>>           at
>>>> com.kodekonveyor.market.login.LoginService.call(LoginService.java:41)
>>>>           at
>>>> com.kodekonveyor.market.servlets.LoginServlet.doGet(LoginServlet.java:29)
>>>> 
>>>>           at 
>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
>>>>           at 
>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
>>>>           at
>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>>> 
>>>>           at
>>>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
>>>>           at
>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>>> 
>>>>           at
>>>> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
>>>> 
>>>>           at
>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
>>>> 
>>>>           at
>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
>>>> 
>>>>           at
>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
>>>> 
>>>>           at
>>>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
>>>> 
>>>>           at
>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
>>>> 
>>>>           at
>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
>>>> 
>>>>           at
>>>> org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:394)
>>>>           at
>>>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>>>> 
>>>>           at
>>>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834)
>>>> 
>>>>           at
>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
>>>> 
>>>>           at
>>>> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>>>> 
>>>>           at
>>>> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>>>> 
>>>>           at
>>>> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>>>> 
>>>>           at
>>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>>> 
>>>>           at java.base/java.lang.Thread.run(Thread.java:834)
>>>>       Caused by: org.hibernate.exception.GenericJDBCException: 
>>>> Unable to
>>>> acquire JDBC Connection
>>>>           at
>>>> org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)
>>>> 
>>>>           at
>>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)
>>>> 
>>>>           at
>>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:99)
>>>> 
>>>>           at
>>>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:107)
>>>> 
>>>>           at
>>>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.getPhysicalConnection(LogicalConnectionManagedImpl.java:134)
>>>> 
>>>>           at
>>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.connection(StatementPreparerImpl.java:50)
>>>> 
>>>>           at
>>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$5.doPrepare(StatementPreparerImpl.java:149)
>>>> 
>>>>           at
>>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:176)
>>>> 
>>>>           at
>>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.prepareQueryStatement(StatementPreparerImpl.java:151)
>>>> 
>>>>           at
>>>> org.hibernate.loader.Loader.prepareQueryStatement(Loader.java:2099)
>>>>           at
>>>> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2029)
>>>>           at
>>>> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2007)
>>>>           at org.hibernate.loader.Loader.doQuery(Loader.java:953)
>>>>           at
>>>> org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:354)
>>>> 
>>>>           at org.hibernate.loader.Loader.doList(Loader.java:2810)
>>>>           at org.hibernate.loader.Loader.doList(Loader.java:2792)
>>>>           at
>>>> org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2624)
>>>>           at org.hibernate.loader.Loader.list(Loader.java:2619)
>>>>           at
>>>> org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:506)
>>>>           at
>>>> org.hibernate.hql.internal.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:396)
>>>> 
>>>>           at
>>>> org.hibernate.engine.query.spi.HQLQueryPlan.performList(HQLQueryPlan.java:219)
>>>> 
>>>>           at
>>>> org.hibernate.internal.SessionImpl.list(SessionImpl.java:1410)
>>>>           at
>>>> org.hibernate.query.internal.AbstractProducedQuery.doList(AbstractProducedQuery.java:1558)
>>>> 
>>>>           at
>>>> org.hibernate.query.internal.AbstractProducedQuery.list(AbstractProducedQuery.java:1526)
>>>> 
>>>>           at org.hibernate.query.Query.getResultList(Query.java:165)
>>>>           at
>>>> org.hibernate.query.criteria.internal.compile.CriteriaQueryTypeQueryAdapter.getResultList(CriteriaQueryTypeQueryAdapter.java:76)
>>>> 
>>>>           at
>>>> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>> Method)
>>>>           at
>>>> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>>> 
>>>>           at
>>>> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>> 
>>>>           at 
>>>> java.base/java.lang.reflect.Method.invoke(Method.java:566)
>>>>           at
>>>> org.springframework.orm.jpa.SharedEntityManagerCreator$DeferredQueryInvocationHandler.invoke(SharedEntityManagerCreator.java:409)
>>>> 
>>>>           at com.sun.proxy.$Proxy87.getResultList(Unknown Source)
>>>>           at
>>>> org.springframework.data.jpa.repository.query.JpaQueryExecution$CollectionExecution.doExecute(JpaQueryExecution.java:126)
>>>> 
>>>>           at
>>>> org.springframework.data.jpa.repository.query.JpaQueryExecution.execute(JpaQueryExecution.java:88)
>>>> 
>>>>           at
>>>> org.springframework.data.jpa.repository.query.AbstractJpaQuery.doExecute(AbstractJpaQuery.java:154)
>>>> 
>>>>           at
>>>> org.springframework.data.jpa.repository.query.AbstractJpaQuery.execute(AbstractJpaQuery.java:142)
>>>> 
>>>>           at
>>>> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.doInvoke(RepositoryFactorySupport.java:618)
>>>> 
>>>>           at
>>>> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.invoke(RepositoryFactorySupport.java:605)
>>>> 
>>>>           at
>>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>> 
>>>>           at
>>>> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:353)
>>>> 
>>>>           at
>>>> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:99)
>>>> 
>>>>           at
>>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>> 
>>>>           at
>>>> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:139)
>>>> 
>>>>           ... 38 more
>>>>       Caused by: java.sql.SQLException: Cannot create
>>>> PoolableConnectionFactory (Could not find a java cryptographic
>>>> algorithm: Cannot find any provider supporting 
>>>> 1.2.840.113549.1.5.13.)
>>>>           at
>>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:735)
>>>> 
>>>>           at
>>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:605)
>>>> 
>>>>           at
>>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:794)
>>>> 
>>>>           at
>>>> org.hibernate.engine.jdbc.connections.internal.DatasourceConnectionProviderImpl.getConnection(DatasourceConnectionProviderImpl.java:122)
>>>> 
>>>>           at
>>>> org.hibernate.internal.NonContextualJdbcConnectionAccess.obtainConnection(NonContextualJdbcConnectionAccess.java:38)
>>>> 
>>>>           at
>>>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:104)
>>>> 
>>>>           ... 77 more
>>>>       Caused by: org.postgresql.util.PSQLException: Could not find a 
>>>> java
>>>> cryptographic algorithm: Cannot find any provider supporting
>>>> 1.2.840.113549.1.5.13.
>>>>           at
>>>> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:253)
>>>>           at
>>>> java.base/sun.security.ssl.AbstractKeyManagerWrapper.getPrivateKey(SSLContextImpl.java:1764)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createClientPossession(X509Authentication.java:197)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createPossession(X509Authentication.java:154)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.X509Authentication.createPossession(X509Authentication.java:87)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.choosePossession(CertificateMessage.java:1052)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:1073)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:930)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>>>>           at
>>>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:981)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:856)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>>>           at
>>>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
>>>>           at
>>>> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
>>>>           at
>>>> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
>>>> 
>>>>           at
>>>> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
>>>> 
>>>>           at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:40)
>>>>           at
>>>> org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:441)
>>>> 
>>>>           at
>>>> org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:94)
>>>> 
>>>>           at
>>>> org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
>>>> 
>>>>           at
>>>> org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
>>>> 
>>>>           at
>>>> org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
>>>>           at org.postgresql.Driver.makeConnection(Driver.java:458)
>>>>           at org.postgresql.Driver.connect(Driver.java:260)
>>>>           at
>>>> org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:53)
>>>> 
>>>>           at
>>>> org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
>>>> 
>>>>           at
>>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:116)
>>>> 
>>>>           at
>>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:731)
>>>> 
>>>>           ... 82 more
>>>>       Caused by: java.security.NoSuchAlgorithmException: Cannot find 
>>>> any
>>>> provider supporting 1.2.840.113549.1.5.13
>>>>           at 
>>>> java.base/javax.crypto.Cipher.getInstance(Cipher.java:565)
>>>>           at
>>>> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:205)
>>>>           ... 112 more

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
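
Added note, not part of the original messages: the root-cause line of the trace quoted above is a NoSuchAlgorithmException for 1.2.840.113549.1.5.13 under org.postgresql.ssl.LazyKeyManager.getPrivateKey, and that OID is PKCS#5 PBES2, the scheme identifier that opens a password-encrypted PKCS#8 structure. The Python sketch below is an added example that reads the outer DER structure of a key file and reports whether it is plain or encrypted, and with which scheme. Its function names and the two sample byte strings are constructed for this note.

```python
"""Report whether a DER PKCS#8 key file is plain or password-encrypted."""
import sys

# PKCS#5 (RFC 8018) scheme OIDs; the second is the OID in the thread's trace.
PBE_SCHEMES = {
    "1.2.840.113549.1.5.3": "pbeWithMD5AndDES-CBC (PBES1)",
    "1.2.840.113549.1.5.13": "PBES2",
}
KEY_ALGS = {"1.2.840.113549.1.1.1": "rsaEncryption"}


def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short form: length in one byte
        length = first
    else:                                 # long form: next n bytes hold it
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER element runs past end of input")
    return tag, pos, pos + length


def decode_oid(body):
    """Decode OBJECT IDENTIFIER content octets into dotted notation."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                  # high bit clear ends a sub-identifier
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)         # first two arcs share one value
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))


def algorithm_oid(buf, pos):
    """Read the OID that opens the AlgorithmIdentifier SEQUENCE at pos."""
    tag, start, _ = read_tlv(buf, pos)
    if tag != 0x30:
        raise ValueError("expected AlgorithmIdentifier SEQUENCE")
    tag, o_start, o_end = read_tlv(buf, start)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    return decode_oid(buf[o_start:o_end])


def classify_pkcs8(data):
    """Classify DER bytes as PrivateKeyInfo or EncryptedPrivateKeyInfo."""
    if data[:1] != b"\x30":
        raise ValueError("not a DER SEQUENCE (PEM text or another format?)")
    _, start, _ = read_tlv(data, 0)
    tag, _, first_end = read_tlv(data, start)
    if tag == 0x02:                       # version INTEGER: plain PrivateKeyInfo
        oid = algorithm_oid(data, first_end)
        return {"encrypted": False, "oid": oid,
                "name": KEY_ALGS.get(oid, "unknown")}
    if tag == 0x30:                       # AlgorithmIdentifier first: encrypted
        oid = algorithm_oid(data, start)
        return {"encrypted": True, "oid": oid,
                "name": PBE_SCHEMES.get(oid, "unknown")}
    raise ValueError("not a PKCS#8 structure")


def der(tag, body):
    """Encode one DER element (used only to build the constructed samples)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body


# Constructed samples: correct outer structure, 200 zero bytes as key material.
PLAIN_SAMPLE = der(0x30, der(0x02, b"\x00")
                   + der(0x30, der(0x06, bytes.fromhex("2a864886f70d010101"))
                         + der(0x05, b""))
                   + der(0x04, bytes(200)))
PBES2_SAMPLE = der(0x30, der(0x30, der(0x06, bytes.fromhex("2a864886f70d01050d"))
                             + der(0x30, b""))
                   + der(0x04, bytes(200)))

if __name__ == "__main__":
    for path in sys.argv[1:]:             # e.g. the .pk8 file the driver reads
        with open(path, "rb") as fh:
            print(path, classify_pkcs8(fh.read()))
    if len(sys.argv) == 1:
        print("plain sample:", classify_pkcs8(PLAIN_SAMPLE))
        print("PBES2 sample:", classify_pkcs8(PBES2_SAMPLE))
```

Run it with the path of the .pk8 file as its argument. A key re-exported with `openssl pkcs8 -topk8 -outform DER -nocrypt` is reported as plain, and in that form the file's permissions (owner tomcat, mode 0400, as in the listing at the start of the thread) are its only protection.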


Re: postgresql jndi datasource with certificate authentication?

Posted by Christopher Schultz <ch...@christopherschultz.net>.
Magosányi,

On 10/22/19 11:09, Magosányi Árpád wrote:
> As I understand you are suggesting to use direct connection to the database.
> The servlet needs a JNDI datasource, and the question is about
> configuring that datasource in tomcat.
> As I can modify the servlet, I could choose to set up hibernate in other
> ways, but I would like to separate the concerns of providing the
> database and using it between the operations staff and development.
> And JNDI is exactly for that.

I think Peter was suggesting that you change your connection URL and the 
format of your keystore.

PKCS#8 is not a recognized format for Java keystores; you'll need to use 
JKS or PKCS#12 (recommended, as JKS is being deprecated).

-chris

> On 10/22/19 2:27 PM, logo wrote:
>> Arpad,
>>
>> have you tried sth like this:
>>
>>          StringBuffer sb = new
>> StringBuffer("jdbc:postgresql://infra.kodekonveyor.com:5432/users?useSSL=true&useUnicode=true&characterEncoding=UTF-8&");
>>          sb.append("user=market&password=<pw>&");
>>         
>> sb.append("clientCertificateKeyStoreUrl=file:////var/lib/tomcat9/.postgresql/client.jks&");
>>          sb.append("clientCertificateKeyStorePassword=changeit");
>>
>>          Connection c = DriverManager.getConnection(sb.toString());
>>
>> and convert the pem certificate to JKS/P12 ? I have this working in
>> mysql...
>>
>> Peter
>>
>> Am 2019-10-22 12:56, schrieb Magosányi Árpád:
>>> Hi!
>>>
>>> Anyone have a postgresql jndi datasource with certificate authentication
>>> working?
>>>
>>> I have the following in context.xml:
>>>
>>>          <Resource name="jdbc/users" auth="Container"
>>>            type="javax.sql.DataSource"
>>> driverClassName="org.postgresql.Driver"
>>>           
>>> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
>>>
>>>            username="market" maxTotal="20" maxIdle="10"
>>>            maxWaitMillis="-1"/>
>>>
>>> I have this in ~tomcat/.postgresql:
>>>
>>> root@market:/var/lib/tomcat9/.postgresql# ls -lL
>>> total 11
>>> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
>>> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
>>> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt
>>>
>>> where the crt file is a pem client certificate, root.crt is the ca cert,
>>> and pk8 is the client key in der pkcs-8 format.
>>>
>>> The logs:
>>>
>>>       NOTE: Picked up JDK_JAVA_OPTIONS:
>>> --add-opens=java.base/java.lang=ALL-UNNAMED
>>> --add-opens=java.base/java.io=ALL-UNNAMED
>>> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>>>       Server version name:   Apache Tomcat/9.0.16 (Ubuntu)
>>>       Server built:          Sep 11 2019 19:47:51 UTC
>>>       Server version number: 9.0.16.0
>>>       OS Name:               Linux
>>>       OS Version:            4.15.0-65-generic
>>>       Architecture:          amd64
>>>       Java Home:             /usr/lib/jvm/java-11-openjdk-amd64
>>>       JVM Version:           11.0.4+11-post-Ubuntu-1ubuntu218.04.3
>>>       JVM Vendor:            Ubuntu
>>>       CATALINA_BASE:         /var/lib/tomcat9
>>>       CATALINA_HOME:         /usr/share/tomcat9
>>>       Command line argument: --add-opens=java.base/java.lang=ALL-UNNAMED
>>>       Command line argument: --add-opens=java.base/java.io=ALL-UNNAMED
>>>       Command line argument:
>>> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>>>       Command line argument:
>>> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties
>>>       Command line argument:
>>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
>>>       Command line argument: -Djava.awt.headless=true
>>>       Command line argument: -XX:+UseG1GC
>>>       Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
>>>       Command line argument:
>>> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
>>>       Command line argument:
>>> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
>>>       Command line argument: -Dignore.endorsed.dirs=
>>>       Command line argument: -Dcatalina.base=/var/lib/tomcat9
>>>       Command line argument: -Dcatalina.home=/usr/share/tomcat9
>>>       Command line argument: -Djava.io.tmpdir=/tmp
>>>       Loaded APR based Apache Tomcat Native library [1.2.21] using APR
>>> version [1.6.3].
>>>       APR capabilities: IPv6 [true], sendfile [true], accept filters
>>> [false], random [true].
>>>       APR/OpenSSL configuration: useAprConnector [false], useOpenSSL
>>> [true]
>>>       OpenSSL successfully initialized [OpenSSL 1.1.1  11 Sep 2018]
>>>       Initializing ProtocolHandler ["ajp-nio-8009"]
>>>       Server initialization in [1,859] milliseconds
>>>       Starting service [Catalina]
>>>       Starting Servlet engine: [Apache Tomcat/9.0.16 (Ubuntu)]
>>>       Deploying web application archive
>>> [/var/lib/tomcat9/webapps/market.war]
>>>       SLF4J: Class path contains multiple SLF4J bindings.
>>>       SLF4J: Found binding in
>>> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/slf4j-simple-1.7.24.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>>>
>>>       SLF4J: Found binding in
>>> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/logback-classic-1.2.3.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>>>
>>>       SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an
>>> explanation.
>>>       SLF4J: Actual binding is of type
>>> [org.slf4j.impl.SimpleLoggerFactory]
>>>       3 Spring WebApplicationInitializers detected on classpath
>>>       onStartup
>>>       getContext
>>>       getRootConfigClasses
>>>       [main] INFO com.kodekonveyor.market.WebInitializer -
>>> getRootConfigClasses
>>>       getServletConfigClasses
>>>       [main] INFO com.kodekonveyor.market.WebInitializer -
>>> getServletConfigClasses
>>>       getServletMappings
>>>       [main] INFO com.kodekonveyor.market.WebInitializer -
>>> getServletMappings
>>>       At least one JAR was scanned for TLDs yet contained no TLDs. Enable
>>> debug logging for this logger for a complete list of JARs that were
>>> scanned but no TLDs were found in them. Skipping unneeded JARs during
>>> scanning can improve startup time and JSP compilation time.
>>>       Initializing Spring root WebApplicationContext
>>>       [main] INFO org.springframework.web.context.ContextLoader - Root
>>> WebApplicationContext: initialization started
>>>       [main] INFO
>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>
>>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>>       [main] INFO
>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>
>>> - Finished Spring Data repository scanning in 198ms. Found 1 repository
>>> interfaces.
>>>       [main] INFO
>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>
>>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>>       [main] INFO
>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>
>>> - Finished Spring Data repository scanning in 35ms. Found 1 repository
>>> interfaces.
>>>       [main] INFO
>>> org.springframework.context.support.PostProcessorRegistrationDelegate$BeanPostProcessorChecker
>>>
>>> - Bean
>>> 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration'
>>>
>>> of type
>>> [org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration]
>>>
>>> is not eligible for getting processed by all BeanPostProcessors (for
>>> example: not eligible for auto-proxying)
>>>       [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
>>> Processing PersistenceUnitInfo [name: default]
>>>       [main] INFO org.hibernate.Version - HHH000412: Hibernate Core
>>> {5.4.6.Final}
>>>       [main] INFO org.hibernate.annotations.common.Version - HCANN000001:
>>> Hibernate Commons Annotations {5.1.0.Final}
>>>       [main] WARN
>>> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
>>> HHH000342: Could not obtain connection to query metadata : Cannot create
>>> PoolableConnectionFactory (Could not find a java cryptographic
>>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>>       [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
>>> dialect: org.hibernate.dialect.PostgreSQLDialect
>>>       [main] INFO
>>> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
>>>
>>> - HHH000490: Using JtaPlatform implementation:
>>> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>>>       [main] INFO
>>> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
>>> Initialized JPA EntityManagerFactory for persistence unit 'default'
>>>       [main] WARN
>>> org.springframework.boot.autoconfigure.orm.jpa.JpaBaseConfiguration$JpaWebConfiguration
>>>
>>> - spring.jpa.open-in-view is enabled by default. Therefore, database
>>> queries may be performed during view rendering. Explicitly configure
>>> spring.jpa.open-in-view to disable this warning
>>>       addResourceHandlers
>>>       [main] INFO com.kodekonveyor.market.SpringConfig -
>>> addResourceHandlers
>>>       viewResolver
>>>       [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
>>>       [main] INFO org.springframework.web.context.ContextLoader - Root
>>> WebApplicationContext initialized in 12786 ms
>>>       Initializing Spring DispatcherServlet 'DispatcherServlet'
>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet -
>>> Initializing Servlet 'DispatcherServlet'
>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet -
>>> Completed initialization in 17 ms
>>>       Initializing Spring DispatcherServlet 'dispatcher'
>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet -
>>> Initializing Servlet 'dispatcher'
>>>       [main] INFO
>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>
>>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>>       [main] INFO
>>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>>
>>> - Finished Spring Data repository scanning in 13ms. Found 1 repository
>>> interfaces.
>>>       [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
>>> Processing PersistenceUnitInfo [name: default]
>>>       [main] WARN
>>> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
>>> HHH000342: Could not obtain connection to query metadata : Cannot create
>>> PoolableConnectionFactory (Could not find a java cryptographic
>>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>>       [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
>>> dialect: org.hibernate.dialect.PostgreSQLDialect
>>>       [main] INFO
>>> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
>>>
>>> - HHH000490: Using JtaPlatform implementation:
>>> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>>>       [main] INFO
>>> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
>>> Initialized JPA EntityManagerFactory for persistence unit 'default'
>>>       addResourceHandlers
>>>       [main] INFO com.kodekonveyor.market.SpringConfig -
>>> addResourceHandlers
>>>       viewResolver
>>>       [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
>>>       [main] INFO org.springframework.web.servlet.DispatcherServlet -
>>> Completed initialization in 1378 ms
>>>       Deployment of web application archive
>>> [/var/lib/tomcat9/webapps/market.war] has finished in [25,639] ms
>>>       Deploying web application directory [/var/lib/tomcat9/webapps/ROOT]
>>>       At least one JAR was scanned for TLDs yet contained no TLDs. Enable
>>> debug logging for this logger for a complete list of JARs that were
>>> scanned but no TLDs were found in them. Skipping unneeded JARs during
>>> scanning can improve startup time and JSP compilation time.
>>>       Deployment of web application directory
>>> [/var/lib/tomcat9/webapps/ROOT] has finished in [1,491] ms
>>>       Starting ProtocolHandler ["ajp-nio-8009"]
>>>       Server startup in [27,448] milliseconds
>>>       [ajp-nio-8009-exec-1] INFO
>>> com.kodekonveyor.market.servlets.LoginServlet -
>>> service:com.kodekonveyor.market.login.LoginService@3e6bbac6
>>>       [ajp-nio-8009-exec-1] INFO
>>> com.kodekonveyor.market.login.LoginService - LoginService.call
>>>       [ajp-nio-8009-exec-1] INFO
>>> com.kodekonveyor.market.login.LoginService - githubSecret:s4cred S3cr3t
>>>       Hibernate: select user0_.id as id1_0_, user0_.auth0id as auth2_0_,
>>> user0_.email as email3_0_, user0_.name as name4_0_ from User user0_
>>> where user0_.auth0id=?
>>>       [ajp-nio-8009-exec-1] WARN
>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - SQL Error: 0,
>>> SQLState: null
>>>       [ajp-nio-8009-exec-1] ERROR
>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - Cannot create
>>> PoolableConnectionFactory (Could not find a java cryptographic
>>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>>       Servlet.service() for servlet
>>> [com.kodekonveyor.market.servlets.LoginServlet] in context with path
>>> [/market] threw exception
>>>       org.springframework.orm.jpa.JpaSystemException: Unable to acquire
>>> JDBC Connection; nested exception is
>>> org.hibernate.exception.GenericJDBCException: Unable to acquire JDBC
>>> Connection
>>>           at
>>> org.springframework.orm.jpa.vendor.HibernateJpaDialect.convertHibernateAccessException(HibernateJpaDialect.java:352)
>>>
>>>           at
>>> org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:254)
>>>
>>>           at
>>> org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:528)
>>>
>>>           at
>>> org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:61)
>>>
>>>           at
>>> org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:242)
>>>
>>>           at
>>> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:153)
>>>
>>>           at
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>
>>>           at
>>> org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:149)
>>>
>>>           at
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>
>>>           at
>>> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
>>>
>>>           at
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>
>>>           at
>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>>>
>>>           at com.sun.proxy.$Proxy75.findByAuth0id(Unknown Source)
>>>           at
>>> com.kodekonveyor.market.login.LoginService.call(LoginService.java:41)
>>>           at
>>> com.kodekonveyor.market.servlets.LoginServlet.doGet(LoginServlet.java:29)
>>>
>>>           at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
>>>           at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
>>>           at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>>>
>>>           at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>>
>>>           at
>>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
>>>           at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>>
>>>           at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>>
>>>           at
>>> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
>>>
>>>           at
>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>>
>>>           at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>>
>>>           at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>>
>>>           at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
>>>
>>>           at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
>>>
>>>           at
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
>>>
>>>           at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
>>>
>>>           at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
>>>
>>>           at
>>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
>>>
>>>           at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
>>>
>>>           at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
>>>
>>>           at
>>> org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:394)
>>>           at
>>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>>>
>>>           at
>>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834)
>>>
>>>           at
>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
>>>
>>>           at
>>> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>>>
>>>           at
>>> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>>>
>>>           at
>>> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>>>
>>>           at
>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>>
>>>           at java.base/java.lang.Thread.run(Thread.java:834)
>>>       Caused by: org.hibernate.exception.GenericJDBCException: Unable to
>>> acquire JDBC Connection
>>>           at
>>> org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)
>>>
>>>           at
>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)
>>>
>>>           at
>>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:99)
>>>
>>>           at
>>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:107)
>>>
>>>           at
>>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.getPhysicalConnection(LogicalConnectionManagedImpl.java:134)
>>>
>>>           at
>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.connection(StatementPreparerImpl.java:50)
>>>
>>>           at
>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$5.doPrepare(StatementPreparerImpl.java:149)
>>>
>>>           at
>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:176)
>>>
>>>           at
>>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.prepareQueryStatement(StatementPreparerImpl.java:151)
>>>
>>>           at
>>> org.hibernate.loader.Loader.prepareQueryStatement(Loader.java:2099)
>>>           at
>>> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2029)
>>>           at
>>> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2007)
>>>           at org.hibernate.loader.Loader.doQuery(Loader.java:953)
>>>           at
>>> org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:354)
>>>
>>>           at org.hibernate.loader.Loader.doList(Loader.java:2810)
>>>           at org.hibernate.loader.Loader.doList(Loader.java:2792)
>>>           at
>>> org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2624)
>>>           at org.hibernate.loader.Loader.list(Loader.java:2619)
>>>           at
>>> org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:506)
>>>           at
>>> org.hibernate.hql.internal.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:396)
>>>
>>>           at
>>> org.hibernate.engine.query.spi.HQLQueryPlan.performList(HQLQueryPlan.java:219)
>>>
>>>           at
>>> org.hibernate.internal.SessionImpl.list(SessionImpl.java:1410)
>>>           at
>>> org.hibernate.query.internal.AbstractProducedQuery.doList(AbstractProducedQuery.java:1558)
>>>
>>>           at
>>> org.hibernate.query.internal.AbstractProducedQuery.list(AbstractProducedQuery.java:1526)
>>>
>>>           at org.hibernate.query.Query.getResultList(Query.java:165)
>>>           at
>>> org.hibernate.query.criteria.internal.compile.CriteriaQueryTypeQueryAdapter.getResultList(CriteriaQueryTypeQueryAdapter.java:76)
>>>
>>>           at
>>> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
>>> Method)
>>>           at
>>> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>>
>>>           at
>>> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>
>>>           at java.base/java.lang.reflect.Method.invoke(Method.java:566)
>>>           at
>>> org.springframework.orm.jpa.SharedEntityManagerCreator$DeferredQueryInvocationHandler.invoke(SharedEntityManagerCreator.java:409)
>>>
>>>           at com.sun.proxy.$Proxy87.getResultList(Unknown Source)
>>>           at
>>> org.springframework.data.jpa.repository.query.JpaQueryExecution$CollectionExecution.doExecute(JpaQueryExecution.java:126)
>>>
>>>           at
>>> org.springframework.data.jpa.repository.query.JpaQueryExecution.execute(JpaQueryExecution.java:88)
>>>
>>>           at
>>> org.springframework.data.jpa.repository.query.AbstractJpaQuery.doExecute(AbstractJpaQuery.java:154)
>>>
>>>           at
>>> org.springframework.data.jpa.repository.query.AbstractJpaQuery.execute(AbstractJpaQuery.java:142)
>>>
>>>           at
>>> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.doInvoke(RepositoryFactorySupport.java:618)
>>>
>>>           at
>>> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.invoke(RepositoryFactorySupport.java:605)
>>>
>>>           at
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>
>>>           at
>>> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:353)
>>>
>>>           at
>>> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:99)
>>>
>>>           at
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>>
>>>           at
>>> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:139)
>>>
>>>           ... 38 more
>>>       Caused by: java.sql.SQLException: Cannot create
>>> PoolableConnectionFactory (Could not find a java cryptographic
>>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>>           at
>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:735)
>>>
>>>           at
>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:605)
>>>
>>>           at
>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:794)
>>>
>>>           at
>>> org.hibernate.engine.jdbc.connections.internal.DatasourceConnectionProviderImpl.getConnection(DatasourceConnectionProviderImpl.java:122)
>>>
>>>           at
>>> org.hibernate.internal.NonContextualJdbcConnectionAccess.obtainConnection(NonContextualJdbcConnectionAccess.java:38)
>>>
>>>           at
>>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:104)
>>>
>>>           ... 77 more
>>>       Caused by: org.postgresql.util.PSQLException: Could not find a java
>>> cryptographic algorithm: Cannot find any provider supporting
>>> 1.2.840.113549.1.5.13.
>>>           at
>>> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:253)
>>>           at
>>> java.base/sun.security.ssl.AbstractKeyManagerWrapper.getPrivateKey(SSLContextImpl.java:1764)
>>>
>>>           at
>>> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createClientPossession(X509Authentication.java:197)
>>>
>>>           at
>>> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createPossession(X509Authentication.java:154)
>>>
>>>           at
>>> java.base/sun.security.ssl.X509Authentication.createPossession(X509Authentication.java:87)
>>>
>>>           at
>>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.choosePossession(CertificateMessage.java:1052)
>>>
>>>           at
>>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:1073)
>>>
>>>           at
>>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:930)
>>>
>>>           at
>>> java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>>>           at
>>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:981)
>>>
>>>           at
>>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:856)
>>>
>>>           at
>>> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>>           at
>>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>>>
>>>           at
>>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
>>>
>>>           at
>>> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
>>>
>>>           at
>>> java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
>>>           at
>>> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
>>>           at
>>> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
>>>
>>>           at
>>> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
>>>
>>>           at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:40)
>>>           at
>>> org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:441)
>>>
>>>           at
>>> org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:94)
>>>
>>>           at
>>> org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
>>>
>>>           at
>>> org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
>>>
>>>           at
>>> org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
>>>           at org.postgresql.Driver.makeConnection(Driver.java:458)
>>>           at org.postgresql.Driver.connect(Driver.java:260)
>>>           at
>>> org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:53)
>>>
>>>           at
>>> org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
>>>
>>>           at
>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:116)
>>>
>>>           at
>>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:731)
>>>
>>>           ... 82 more
>>>       Caused by: java.security.NoSuchAlgorithmException: Cannot find any
>>> provider supporting 1.2.840.113549.1.5.13
>>>           at java.base/javax.crypto.Cipher.getInstance(Cipher.java:565)
>>>           at
>>> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:205)
>>>           ... 112 more
>>>
>>>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
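
The OID in the exception quoted above, 1.2.840.113549.1.5.13, is the PKCS #5 identifier for PBES2, and the trace shows Cipher.getInstance being asked for it while LazyKeyManager loads the private key. The following check is an added example, not part of the original thread or of the PostgreSQL JDBC driver: it reads only the DER header of a file such as postgresql.pk8 and reports whether it is a plain PrivateKeyInfo or an EncryptedPrivateKeyInfo, and under which scheme. The function names and the two sample blobs are constructed for illustration.

```python
"""Report whether a DER PKCS#8 key file is plain or password-encrypted."""
import sys

PBES2_OID = "1.2.840.113549.1.5.13"  # id-PBES2 (PKCS #5 v2), the OID in the exception
KNOWN_OIDS = {
    PBES2_OID: "PBES2",
    "1.2.840.113549.1.12.1.3": "pbeWithSHAAnd3-KeyTripleDES-CBC",
    "1.2.840.113549.1.5.3": "pbeWithMD5AndDES-CBC",
    "1.2.840.113549.1.1.1": "rsaEncryption",
    "1.2.840.10045.2.1": "id-ecPublicKey",
}


def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long-form: low 7 bits = number of length bytes
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER value runs past end of input")
    return tag, pos, pos + length


def decode_oid(body):
    """Decode the content bytes of an OBJECT IDENTIFIER into dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)  # base-128, high bit marks continuation
        if not b & 0x80:
            arcs.append(value)
            value = 0
    first = arcs[0]                        # first two arcs share one sub-identifier
    head = (first // 40, first % 40) if first < 80 else (2, first - 80)
    return ".".join(str(a) for a in (*head, *arcs[1:]))


def classify_pkcs8(der):
    """Classify a DER blob as PrivateKeyInfo or EncryptedPrivateKeyInfo."""
    if der.lstrip().startswith(b"-----BEGIN"):
        raise ValueError("PEM input; a DER file is expected here")
    tag, start, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    tag, s1, e1 = read_tlv(der, start)
    if tag == 0x02:                        # INTEGER version first: PrivateKeyInfo
        kind = "unencrypted"
        tag, alg_start, _ = read_tlv(der, e1)
    elif tag == 0x30:                      # AlgorithmIdentifier first: EncryptedPrivateKeyInfo
        kind = "encrypted"
        alg_start = s1
    else:
        raise ValueError("unexpected first element, not PKCS#8")
    if tag != 0x30:
        raise ValueError("AlgorithmIdentifier missing")
    tag, so, eo = read_tlv(der, alg_start)
    if tag != 0x06:
        raise ValueError("algorithm OID missing")
    oid = decode_oid(der[so:eo])
    return {
        "kind": kind,
        "oid": oid,
        "name": KNOWN_OIDS.get(oid, "unknown"),
        "pbes2": kind == "encrypted" and oid == PBES2_OID,
    }


def der_tlv(tag, body):
    """Build a small DER element (short-form length only) for the samples."""
    assert len(body) < 128
    return bytes([tag, len(body)]) + body


# Constructed samples: structurally valid headers with dummy payloads, no real key.
SAMPLE_PBES2 = der_tlv(0x30,
    der_tlv(0x30, der_tlv(0x06, bytes.fromhex("2a864886f70d01050d")) + der_tlv(0x30, b""))
    + der_tlv(0x04, bytes(16)))
SAMPLE_PLAIN = der_tlv(0x30,
    der_tlv(0x02, b"\x00")
    + der_tlv(0x30, der_tlv(0x06, bytes.fromhex("2a864886f70d010101")) + der_tlv(0x05, b""))
    + der_tlv(0x04, bytes(16)))

if __name__ == "__main__":
    if len(sys.argv) > 1:                  # inspect a real file; only the header is reported
        with open(sys.argv[1], "rb") as fh:
            print(classify_pkcs8(fh.read()))
    else:
        for label, blob in (("pbes2 sample", SAMPLE_PBES2), ("plain sample", SAMPLE_PLAIN)):
            print(label, classify_pkcs8(blob))
```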


Re: postgresql jndi datasource with certificate authentication?

Posted by Magosányi Árpád <m4...@gmail.com>.
Peter,

As I understand it, you are suggesting using a direct connection to the database.
The servlet needs a JNDI datasource, and the question is about
configuring that datasource in Tomcat.
As I can modify the servlet, I could choose to set up Hibernate in other
ways, but I would like to separate the concerns of providing the
database and using it between the operations staff and development.
And JNDI is exactly for that.

On 10/22/19 2:27 PM, logo wrote:
> Arpad,
>
> have you tried sth like this:
>
>         StringBuffer sb = new StringBuffer(
>             "jdbc:postgresql://infra.kodekonveyor.com:5432/users?useSSL=true&useUnicode=true&characterEncoding=UTF-8&");
>         sb.append("user=market&password=<pw>&");
>         sb.append("clientCertificateKeyStoreUrl=file:////var/lib/tomcat9/.postgresql/client.jks&");
>         sb.append("clientCertificateKeyStorePassword=changeit");
>
>         Connection c = DriverManager.getConnection(sb.toString());
>
> and convert the pem certificate to JKS/P12 ? I have this working in
> mysql...
>
> Peter
>
> Am 2019-10-22 12:56, schrieb Magosányi Árpád:
>> Hi!
>>
>> Anyone have a postgresql jndi datasource with certificate authentication
>> working?
>>
>> I have the following in context.xml:
>>
>>         <Resource name="jdbc/users" auth="Container"
>>           type="javax.sql.DataSource"
>> driverClassName="org.postgresql.Driver"
>>          
>> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
>>
>>           username="market" maxTotal="20" maxIdle="10"
>>           maxWaitMillis="-1"/>
>>
>> I have this in ~tomcat/.postgresql:
>>
>> root@market:/var/lib/tomcat9/.postgresql# ls -lL
>> total 11
>> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
>> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
>> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt
>>
>> where the crt file is a pem client certificate, root.crt is the ca cert,
>> and pk8 is the client key in der pkcs-8 format.
>>
>> The logs:
>>
>>      NOTE: Picked up JDK_JAVA_OPTIONS: 
>> --add-opens=java.base/java.lang=ALL-UNNAMED
>> --add-opens=java.base/java.io=ALL-UNNAMED
>> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>>      Server version name:   Apache Tomcat/9.0.16 (Ubuntu)
>>      Server built:          Sep 11 2019 19:47:51 UTC
>>      Server version number: 9.0.16.0
>>      OS Name:               Linux
>>      OS Version:            4.15.0-65-generic
>>      Architecture:          amd64
>>      Java Home:             /usr/lib/jvm/java-11-openjdk-amd64
>>      JVM Version:           11.0.4+11-post-Ubuntu-1ubuntu218.04.3
>>      JVM Vendor:            Ubuntu
>>      CATALINA_BASE:         /var/lib/tomcat9
>>      CATALINA_HOME:         /usr/share/tomcat9
>>      Command line argument: --add-opens=java.base/java.lang=ALL-UNNAMED
>>      Command line argument: --add-opens=java.base/java.io=ALL-UNNAMED
>>      Command line argument:
>> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>>      Command line argument:
>> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties
>>      Command line argument:
>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
>>      Command line argument: -Djava.awt.headless=true
>>      Command line argument: -XX:+UseG1GC
>>      Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
>>      Command line argument:
>> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
>>      Command line argument:
>> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
>>      Command line argument: -Dignore.endorsed.dirs=
>>      Command line argument: -Dcatalina.base=/var/lib/tomcat9
>>      Command line argument: -Dcatalina.home=/usr/share/tomcat9
>>      Command line argument: -Djava.io.tmpdir=/tmp
>>      Loaded APR based Apache Tomcat Native library [1.2.21] using APR
>> version [1.6.3].
>>      APR capabilities: IPv6 [true], sendfile [true], accept filters
>> [false], random [true].
>>      APR/OpenSSL configuration: useAprConnector [false], useOpenSSL
>> [true]
>>      OpenSSL successfully initialized [OpenSSL 1.1.1  11 Sep 2018]
>>      Initializing ProtocolHandler ["ajp-nio-8009"]
>>      Server initialization in [1,859] milliseconds
>>      Starting service [Catalina]
>>      Starting Servlet engine: [Apache Tomcat/9.0.16 (Ubuntu)]
>>      Deploying web application archive
>> [/var/lib/tomcat9/webapps/market.war]
>>      SLF4J: Class path contains multiple SLF4J bindings.
>>      SLF4J: Found binding in
>> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/slf4j-simple-1.7.24.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>>
>>      SLF4J: Found binding in
>> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/logback-classic-1.2.3.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>>
>>      SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an
>> explanation.
>>      SLF4J: Actual binding is of type
>> [org.slf4j.impl.SimpleLoggerFactory]
>>      3 Spring WebApplicationInitializers detected on classpath
>>      onStartup
>>      getContext
>>      getRootConfigClasses
>>      [main] INFO com.kodekonveyor.market.WebInitializer -
>> getRootConfigClasses
>>      getServletConfigClasses
>>      [main] INFO com.kodekonveyor.market.WebInitializer -
>> getServletConfigClasses
>>      getServletMappings
>>      [main] INFO com.kodekonveyor.market.WebInitializer -
>> getServletMappings
>>      At least one JAR was scanned for TLDs yet contained no TLDs. Enable
>> debug logging for this logger for a complete list of JARs that were
>> scanned but no TLDs were found in them. Skipping unneeded JARs during
>> scanning can improve startup time and JSP compilation time.
>>      Initializing Spring root WebApplicationContext
>>      [main] INFO org.springframework.web.context.ContextLoader - Root
>> WebApplicationContext: initialization started
>>      [main] INFO
>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>
>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>      [main] INFO
>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>
>> - Finished Spring Data repository scanning in 198ms. Found 1 repository
>> interfaces.
>>      [main] INFO
>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>
>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>      [main] INFO
>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>
>> - Finished Spring Data repository scanning in 35ms. Found 1 repository
>> interfaces.
>>      [main] INFO
>> org.springframework.context.support.PostProcessorRegistrationDelegate$BeanPostProcessorChecker
>>
>> - Bean
>> 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration'
>>
>> of type
>> [org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration]
>>
>> is not eligible for getting processed by all BeanPostProcessors (for
>> example: not eligible for auto-proxying)
>>      [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
>> Processing PersistenceUnitInfo [name: default]
>>      [main] INFO org.hibernate.Version - HHH000412: Hibernate Core
>> {5.4.6.Final}
>>      [main] INFO org.hibernate.annotations.common.Version - HCANN000001:
>> Hibernate Commons Annotations {5.1.0.Final}
>>      [main] WARN
>> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
>> HHH000342: Could not obtain connection to query metadata : Cannot create
>> PoolableConnectionFactory (Could not find a java cryptographic
>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>      [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
>> dialect: org.hibernate.dialect.PostgreSQLDialect
>>      [main] INFO
>> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
>>
>> - HHH000490: Using JtaPlatform implementation:
>> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>>      [main] INFO
>> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
>> Initialized JPA EntityManagerFactory for persistence unit 'default'
>>      [main] WARN
>> org.springframework.boot.autoconfigure.orm.jpa.JpaBaseConfiguration$JpaWebConfiguration
>>
>> - spring.jpa.open-in-view is enabled by default. Therefore, database
>> queries may be performed during view rendering. Explicitly configure
>> spring.jpa.open-in-view to disable this warning
>>      addResourceHandlers
>>      [main] INFO com.kodekonveyor.market.SpringConfig -
>> addResourceHandlers
>>      viewResolver
>>      [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
>>      [main] INFO org.springframework.web.context.ContextLoader - Root
>> WebApplicationContext initialized in 12786 ms
>>      Initializing Spring DispatcherServlet 'DispatcherServlet'
>>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
>> Initializing Servlet 'DispatcherServlet'
>>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
>> Completed initialization in 17 ms
>>      Initializing Spring DispatcherServlet 'dispatcher'
>>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
>> Initializing Servlet 'dispatcher'
>>      [main] INFO
>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>
>> - Bootstrapping Spring Data repositories in DEFAULT mode.
>>      [main] INFO
>> org.springframework.data.repository.config.RepositoryConfigurationDelegate
>>
>> - Finished Spring Data repository scanning in 13ms. Found 1 repository
>> interfaces.
>>      [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
>> Processing PersistenceUnitInfo [name: default]
>>      [main] WARN
>> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
>> HHH000342: Could not obtain connection to query metadata : Cannot create
>> PoolableConnectionFactory (Could not find a java cryptographic
>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>      [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
>> dialect: org.hibernate.dialect.PostgreSQLDialect
>>      [main] INFO
>> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
>>
>> - HHH000490: Using JtaPlatform implementation:
>> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>>      [main] INFO
>> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
>> Initialized JPA EntityManagerFactory for persistence unit 'default'
>>      addResourceHandlers
>>      [main] INFO com.kodekonveyor.market.SpringConfig -
>> addResourceHandlers
>>      viewResolver
>>      [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
>>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
>> Completed initialization in 1378 ms
>>      Deployment of web application archive
>> [/var/lib/tomcat9/webapps/market.war] has finished in [25,639] ms
>>      Deploying web application directory [/var/lib/tomcat9/webapps/ROOT]
>>      At least one JAR was scanned for TLDs yet contained no TLDs. Enable
>> debug logging for this logger for a complete list of JARs that were
>> scanned but no TLDs were found in them. Skipping unneeded JARs during
>> scanning can improve startup time and JSP compilation time.
>>      Deployment of web application directory
>> [/var/lib/tomcat9/webapps/ROOT] has finished in [1,491] ms
>>      Starting ProtocolHandler ["ajp-nio-8009"]
>>      Server startup in [27,448] milliseconds
>>      [ajp-nio-8009-exec-1] INFO
>> com.kodekonveyor.market.servlets.LoginServlet -
>> service:com.kodekonveyor.market.login.LoginService@3e6bbac6
>>      [ajp-nio-8009-exec-1] INFO
>> com.kodekonveyor.market.login.LoginService - LoginService.call
>>      [ajp-nio-8009-exec-1] INFO
>> com.kodekonveyor.market.login.LoginService - githubSecret:s4cred S3cr3t
>>      Hibernate: select user0_.id as id1_0_, user0_.auth0id as auth2_0_,
>> user0_.email as email3_0_, user0_.name as name4_0_ from User user0_
>> where user0_.auth0id=?
>>      [ajp-nio-8009-exec-1] WARN
>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - SQL Error: 0,
>> SQLState: null
>>      [ajp-nio-8009-exec-1] ERROR
>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - Cannot create
>> PoolableConnectionFactory (Could not find a java cryptographic
>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>      Servlet.service() for servlet
>> [com.kodekonveyor.market.servlets.LoginServlet] in context with path
>> [/market] threw exception
>>      org.springframework.orm.jpa.JpaSystemException: Unable to acquire
>> JDBC Connection; nested exception is
>> org.hibernate.exception.GenericJDBCException: Unable to acquire JDBC
>> Connection
>>          at
>> org.springframework.orm.jpa.vendor.HibernateJpaDialect.convertHibernateAccessException(HibernateJpaDialect.java:352)
>>
>>          at
>> org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:254)
>>
>>          at
>> org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:528)
>>
>>          at
>> org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:61)
>>
>>          at
>> org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:242)
>>
>>          at
>> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:153)
>>
>>          at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>
>>          at
>> org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:149)
>>
>>          at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>
>>          at
>> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
>>
>>          at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>
>>          at
>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>>
>>          at com.sun.proxy.$Proxy75.findByAuth0id(Unknown Source)
>>          at
>> com.kodekonveyor.market.login.LoginService.call(LoginService.java:41)
>>          at
>> com.kodekonveyor.market.servlets.LoginServlet.doGet(LoginServlet.java:29)
>>
>>          at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
>>          at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
>>          at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>>
>>          at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>>          at
>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
>>          at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>>          at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>>          at
>> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
>>
>>          at
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>
>>          at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>>          at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>>          at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
>>
>>          at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
>>
>>          at
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
>>
>>          at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
>>
>>          at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
>>
>>          at
>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
>>
>>          at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
>>
>>          at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
>>
>>          at
>> org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:394)
>>          at
>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>>
>>          at
>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834)
>>
>>          at
>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
>>
>>          at
>> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>>
>>          at
>> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>>
>>          at
>> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>>
>>          at
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>
>>          at java.base/java.lang.Thread.run(Thread.java:834)
>>      Caused by: org.hibernate.exception.GenericJDBCException: Unable to
>> acquire JDBC Connection
>>          at
>> org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)
>>
>>          at
>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)
>>
>>          at
>> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:99)
>>
>>          at
>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:107)
>>
>>          at
>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.getPhysicalConnection(LogicalConnectionManagedImpl.java:134)
>>
>>          at
>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.connection(StatementPreparerImpl.java:50)
>>
>>          at
>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$5.doPrepare(StatementPreparerImpl.java:149)
>>
>>          at
>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:176)
>>
>>          at
>> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.prepareQueryStatement(StatementPreparerImpl.java:151)
>>
>>          at
>> org.hibernate.loader.Loader.prepareQueryStatement(Loader.java:2099)
>>          at
>> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2029)
>>          at
>> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2007)
>>          at org.hibernate.loader.Loader.doQuery(Loader.java:953)
>>          at
>> org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:354)
>>
>>          at org.hibernate.loader.Loader.doList(Loader.java:2810)
>>          at org.hibernate.loader.Loader.doList(Loader.java:2792)
>>          at
>> org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2624)
>>          at org.hibernate.loader.Loader.list(Loader.java:2619)
>>          at
>> org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:506)
>>          at
>> org.hibernate.hql.internal.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:396)
>>
>>          at
>> org.hibernate.engine.query.spi.HQLQueryPlan.performList(HQLQueryPlan.java:219)
>>
>>          at
>> org.hibernate.internal.SessionImpl.list(SessionImpl.java:1410)
>>          at
>> org.hibernate.query.internal.AbstractProducedQuery.doList(AbstractProducedQuery.java:1558)
>>
>>          at
>> org.hibernate.query.internal.AbstractProducedQuery.list(AbstractProducedQuery.java:1526)
>>
>>          at org.hibernate.query.Query.getResultList(Query.java:165)
>>          at
>> org.hibernate.query.criteria.internal.compile.CriteriaQueryTypeQueryAdapter.getResultList(CriteriaQueryTypeQueryAdapter.java:76)
>>
>>          at
>> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
>> Method)
>>          at
>> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>
>>          at
>> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>>          at java.base/java.lang.reflect.Method.invoke(Method.java:566)
>>          at
>> org.springframework.orm.jpa.SharedEntityManagerCreator$DeferredQueryInvocationHandler.invoke(SharedEntityManagerCreator.java:409)
>>
>>          at com.sun.proxy.$Proxy87.getResultList(Unknown Source)
>>          at
>> org.springframework.data.jpa.repository.query.JpaQueryExecution$CollectionExecution.doExecute(JpaQueryExecution.java:126)
>>
>>          at
>> org.springframework.data.jpa.repository.query.JpaQueryExecution.execute(JpaQueryExecution.java:88)
>>
>>          at
>> org.springframework.data.jpa.repository.query.AbstractJpaQuery.doExecute(AbstractJpaQuery.java:154)
>>
>>          at
>> org.springframework.data.jpa.repository.query.AbstractJpaQuery.execute(AbstractJpaQuery.java:142)
>>
>>          at
>> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.doInvoke(RepositoryFactorySupport.java:618)
>>
>>          at
>> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.invoke(RepositoryFactorySupport.java:605)
>>
>>          at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>
>>          at
>> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:353)
>>
>>          at
>> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:99)
>>
>>          at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>
>>          at
>> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:139)
>>
>>          ... 38 more
>>      Caused by: java.sql.SQLException: Cannot create
>> PoolableConnectionFactory (Could not find a java cryptographic
>> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>>          at
>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:735)
>>
>>          at
>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:605)
>>
>>          at
>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:794)
>>
>>          at
>> org.hibernate.engine.jdbc.connections.internal.DatasourceConnectionProviderImpl.getConnection(DatasourceConnectionProviderImpl.java:122)
>>
>>          at
>> org.hibernate.internal.NonContextualJdbcConnectionAccess.obtainConnection(NonContextualJdbcConnectionAccess.java:38)
>>
>>          at
>> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:104)
>>
>>          ... 77 more
>>      Caused by: org.postgresql.util.PSQLException: Could not find a java
>> cryptographic algorithm: Cannot find any provider supporting
>> 1.2.840.113549.1.5.13.
>>          at
>> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:253)
>>          at
>> java.base/sun.security.ssl.AbstractKeyManagerWrapper.getPrivateKey(SSLContextImpl.java:1764)
>>
>>          at
>> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createClientPossession(X509Authentication.java:197)
>>
>>          at
>> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createPossession(X509Authentication.java:154)
>>
>>          at
>> java.base/sun.security.ssl.X509Authentication.createPossession(X509Authentication.java:87)
>>
>>          at
>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.choosePossession(CertificateMessage.java:1052)
>>
>>          at
>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:1073)
>>
>>          at
>> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:930)
>>
>>          at
>> java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>>          at
>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:981)
>>
>>          at
>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:856)
>>
>>          at
>> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>          at
>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>>
>>          at
>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
>>
>>          at
>> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
>>
>>          at
>> java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
>>          at
>> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
>>          at
>> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
>>
>>          at
>> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
>>
>>          at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:40)
>>          at
>> org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:441)
>>
>>          at
>> org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:94)
>>
>>          at
>> org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
>>
>>          at
>> org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
>>
>>          at
>> org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
>>          at org.postgresql.Driver.makeConnection(Driver.java:458)
>>          at org.postgresql.Driver.connect(Driver.java:260)
>>          at
>> org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:53)
>>
>>          at
>> org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
>>
>>          at
>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:116)
>>
>>          at
>> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:731)
>>
>>          ... 82 more
>>      Caused by: java.security.NoSuchAlgorithmException: Cannot find any
>> provider supporting 1.2.840.113549.1.5.13
>>          at java.base/javax.crypto.Cipher.getInstance(Cipher.java:565)
>>          at
>> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:205)
>>          ... 112 more
>>
>>


Re: postgresql jndi datasource with certificate authentication?

Posted by logo <lo...@kreuser.name>.
Arpad,

Have you tried something like this:

         StringBuffer sb = new StringBuffer("jdbc:postgresql://infra.kodekonveyor.com:5432/users?useSSL=true&useUnicode=true&characterEncoding=UTF-8&");
         sb.append("user=market&password=<pw>&");
         sb.append("clientCertificateKeyStoreUrl=file:////var/lib/tomcat9/.postgresql/client.jks&");
         sb.append("clientCertificateKeyStorePassword=changeit");

         Connection c = DriverManager.getConnection(sb.toString());

and convert the PEM certificate to JKS/P12? I have this working in
MySQL...

Peter

On 2019-10-22 12:56, Magosányi Árpád wrote:
> Hi!
> 
> Anyone have a postgresql jndi datasource with certificate 
> authentication
> working?
> 
> I have the following in context.xml:
> 
>         <Resource name="jdbc/users" auth="Container"
>           type="javax.sql.DataSource"
> driverClassName="org.postgresql.Driver"
>          
> url="jdbc:postgresql://infra.kodekonveyor.com:5432/users?ssl=true&amp;sslmode=verify-ca"
>           username="market" maxTotal="20" maxIdle="10"
>           maxWaitMillis="-1"/>
> 
> I have this in ~tomcat/.postgresql:
> 
> root@market:/var/lib/tomcat9/.postgresql# ls -lL
> total 11
> -rw-r--r-- 1 root   root 4597 Oct 21 12:49 postgresql.crt
> -r-------- 1 tomcat root 1329 Oct 21 17:40 postgresql.pk8
> -rw-r--r-- 1 root   root 1493 Oct 21 12:49 root.crt
> 
> where the crt file is a pem client certificate, root.crt is the ca 
> cert,
> and pk8 is the client key in der pkcs-8 format.
> 
> The logs:
> 
>      NOTE: Picked up JDK_JAVA_OPTIONS: 
> --add-opens=java.base/java.lang=ALL-UNNAMED
> --add-opens=java.base/java.io=ALL-UNNAMED
> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>      Server version name:   Apache Tomcat/9.0.16 (Ubuntu)
>      Server built:          Sep 11 2019 19:47:51 UTC
>      Server version number: 9.0.16.0
>      OS Name:               Linux
>      OS Version:            4.15.0-65-generic
>      Architecture:          amd64
>      Java Home:             /usr/lib/jvm/java-11-openjdk-amd64
>      JVM Version:           11.0.4+11-post-Ubuntu-1ubuntu218.04.3
>      JVM Vendor:            Ubuntu
>      CATALINA_BASE:         /var/lib/tomcat9
>      CATALINA_HOME:         /usr/share/tomcat9
>      Command line argument: --add-opens=java.base/java.lang=ALL-UNNAMED
>      Command line argument: --add-opens=java.base/java.io=ALL-UNNAMED
>      Command line argument:
> --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
>      Command line argument:
> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties
>      Command line argument:
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
>      Command line argument: -Djava.awt.headless=true
>      Command line argument: -XX:+UseG1GC
>      Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
>      Command line argument:
> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
>      Command line argument:
> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
>      Command line argument: -Dignore.endorsed.dirs=
>      Command line argument: -Dcatalina.base=/var/lib/tomcat9
>      Command line argument: -Dcatalina.home=/usr/share/tomcat9
>      Command line argument: -Djava.io.tmpdir=/tmp
>      Loaded APR based Apache Tomcat Native library [1.2.21] using APR
> version [1.6.3].
>      APR capabilities: IPv6 [true], sendfile [true], accept filters
> [false], random [true].
>      APR/OpenSSL configuration: useAprConnector [false], useOpenSSL 
> [true]
>      OpenSSL successfully initialized [OpenSSL 1.1.1  11 Sep 2018]
>      Initializing ProtocolHandler ["ajp-nio-8009"]
>      Server initialization in [1,859] milliseconds
>      Starting service [Catalina]
>      Starting Servlet engine: [Apache Tomcat/9.0.16 (Ubuntu)]
>      Deploying web application archive 
> [/var/lib/tomcat9/webapps/market.war]
>      SLF4J: Class path contains multiple SLF4J bindings.
>      SLF4J: Found binding in
> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/slf4j-simple-1.7.24.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>      SLF4J: Found binding in
> [jar:file:/var/lib/tomcat9/webapps/market/WEB-INF/lib/logback-classic-1.2.3.jar!/org/slf4j/impl/StaticLoggerBinder.class]
>      SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for 
> an
> explanation.
>      SLF4J: Actual binding is of type 
> [org.slf4j.impl.SimpleLoggerFactory]
>      3 Spring WebApplicationInitializers detected on classpath
>      onStartup
>      getContext
>      getRootConfigClasses
>      [main] INFO com.kodekonveyor.market.WebInitializer -
> getRootConfigClasses
>      getServletConfigClasses
>      [main] INFO com.kodekonveyor.market.WebInitializer -
> getServletConfigClasses
>      getServletMappings
>      [main] INFO com.kodekonveyor.market.WebInitializer - 
> getServletMappings
>      At least one JAR was scanned for TLDs yet contained no TLDs. 
> Enable
> debug logging for this logger for a complete list of JARs that were
> scanned but no TLDs were found in them. Skipping unneeded JARs during
> scanning can improve startup time and JSP compilation time.
>      Initializing Spring root WebApplicationContext
>      [main] INFO org.springframework.web.context.ContextLoader - Root
> WebApplicationContext: initialization started
>      [main] INFO
> org.springframework.data.repository.config.RepositoryConfigurationDelegate
> - Bootstrapping Spring Data repositories in DEFAULT mode.
>      [main] INFO
> org.springframework.data.repository.config.RepositoryConfigurationDelegate
> - Finished Spring Data repository scanning in 198ms. Found 1 repository
> interfaces.
>      [main] INFO
> org.springframework.data.repository.config.RepositoryConfigurationDelegate
> - Bootstrapping Spring Data repositories in DEFAULT mode.
>      [main] INFO
> org.springframework.data.repository.config.RepositoryConfigurationDelegate
> - Finished Spring Data repository scanning in 35ms. Found 1 repository
> interfaces.
>      [main] INFO
> org.springframework.context.support.PostProcessorRegistrationDelegate$BeanPostProcessorChecker
> - Bean
> 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration'
> of type
> [org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration]
> is not eligible for getting processed by all BeanPostProcessors (for
> example: not eligible for auto-proxying)
>      [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
> Processing PersistenceUnitInfo [name: default]
>      [main] INFO org.hibernate.Version - HHH000412: Hibernate Core
> {5.4.6.Final}
>      [main] INFO org.hibernate.annotations.common.Version - 
> HCANN000001:
> Hibernate Commons Annotations {5.1.0.Final}
>      [main] WARN
> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
> HHH000342: Could not obtain connection to query metadata : Cannot 
> create
> PoolableConnectionFactory (Could not find a java cryptographic
> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>      [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
> dialect: org.hibernate.dialect.PostgreSQLDialect
>      [main] INFO
> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
> - HHH000490: Using JtaPlatform implementation:
> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>      [main] INFO
> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
> Initialized JPA EntityManagerFactory for persistence unit 'default'
>      [main] WARN
> org.springframework.boot.autoconfigure.orm.jpa.JpaBaseConfiguration$JpaWebConfiguration
> - spring.jpa.open-in-view is enabled by default. Therefore, database
> queries may be performed during view rendering. Explicitly configure
> spring.jpa.open-in-view to disable this warning
>      addResourceHandlers
>      [main] INFO com.kodekonveyor.market.SpringConfig - 
> addResourceHandlers
>      viewResolver
>      [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
>      [main] INFO org.springframework.web.context.ContextLoader - Root
> WebApplicationContext initialized in 12786 ms
>      Initializing Spring DispatcherServlet 'DispatcherServlet'
>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
> Initializing Servlet 'DispatcherServlet'
>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
> Completed initialization in 17 ms
>      Initializing Spring DispatcherServlet 'dispatcher'
>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
> Initializing Servlet 'dispatcher'
>      [main] INFO
> org.springframework.data.repository.config.RepositoryConfigurationDelegate
> - Bootstrapping Spring Data repositories in DEFAULT mode.
>      [main] INFO
> org.springframework.data.repository.config.RepositoryConfigurationDelegate
> - Finished Spring Data repository scanning in 13ms. Found 1 repository
> interfaces.
>      [main] INFO org.hibernate.jpa.internal.util.LogHelper - HHH000204:
> Processing PersistenceUnitInfo [name: default]
>      [main] WARN
> org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator -
> HHH000342: Could not obtain connection to query metadata : Cannot 
> create
> PoolableConnectionFactory (Could not find a java cryptographic
> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>      [main] INFO org.hibernate.dialect.Dialect - HHH000400: Using
> dialect: org.hibernate.dialect.PostgreSQLDialect
>      [main] INFO
> org.hibernate.engine.transaction.jta.platform.internal.JtaPlatformInitiator
> - HHH000490: Using JtaPlatform implementation:
> [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
>      [main] INFO
> org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean -
> Initialized JPA EntityManagerFactory for persistence unit 'default'
>      addResourceHandlers
>      [main] INFO com.kodekonveyor.market.SpringConfig - 
> addResourceHandlers
>      viewResolver
>      [main] INFO com.kodekonveyor.market.SpringConfig - viewResolver
>      [main] INFO org.springframework.web.servlet.DispatcherServlet -
> Completed initialization in 1378 ms
>      Deployment of web application archive
> [/var/lib/tomcat9/webapps/market.war] has finished in [25,639] ms
>      Deploying web application directory 
> [/var/lib/tomcat9/webapps/ROOT]
>      At least one JAR was scanned for TLDs yet contained no TLDs. 
> Enable
> debug logging for this logger for a complete list of JARs that were
> scanned but no TLDs were found in them. Skipping unneeded JARs during
> scanning can improve startup time and JSP compilation time.
>      Deployment of web application directory
> [/var/lib/tomcat9/webapps/ROOT] has finished in [1,491] ms
>      Starting ProtocolHandler ["ajp-nio-8009"]
>      Server startup in [27,448] milliseconds
>      [ajp-nio-8009-exec-1] INFO
> com.kodekonveyor.market.servlets.LoginServlet -
> service:com.kodekonveyor.market.login.LoginService@3e6bbac6
>      [ajp-nio-8009-exec-1] INFO
> com.kodekonveyor.market.login.LoginService - LoginService.call
>      [ajp-nio-8009-exec-1] INFO
> com.kodekonveyor.market.login.LoginService - githubSecret:s4cred S3cr3t
>      Hibernate: select user0_.id as id1_0_, user0_.auth0id as auth2_0_,
> user0_.email as email3_0_, user0_.name as name4_0_ from User user0_
> where user0_.auth0id=?
>      [ajp-nio-8009-exec-1] WARN
> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - SQL Error: 0,
> SQLState: null
>      [ajp-nio-8009-exec-1] ERROR
> org.hibernate.engine.jdbc.spi.SqlExceptionHelper - Cannot create
> PoolableConnectionFactory (Could not find a java cryptographic
> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>      Servlet.service() for servlet
> [com.kodekonveyor.market.servlets.LoginServlet] in context with path
> [/market] threw exception
>      org.springframework.orm.jpa.JpaSystemException: Unable to acquire
> JDBC Connection; nested exception is
> org.hibernate.exception.GenericJDBCException: Unable to acquire JDBC
> Connection
>          at
> org.springframework.orm.jpa.vendor.HibernateJpaDialect.convertHibernateAccessException(HibernateJpaDialect.java:352)
>          at
> org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:254)
>          at
> org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:528)
>          at
> org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:61)
>          at
> org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:242)
>          at
> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:153)
>          at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>          at
> org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:149)
>          at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>          at
> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
>          at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>          at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>          at com.sun.proxy.$Proxy75.findByAuth0id(Unknown Source)
>          at
> com.kodekonveyor.market.login.LoginService.call(LoginService.java:41)
>          at
> com.kodekonveyor.market.servlets.LoginServlet.doGet(LoginServlet.java:29)
>          at 
> javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
>          at 
> javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
>          at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>          at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>          at
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
>          at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>          at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>          at
> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
>          at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>          at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>          at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>          at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
>          at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
>          at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
>          at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
>          at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
>          at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
>          at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
>          at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
>          at
> org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:394)
>          at
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>          at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834)
>          at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
>          at
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>          at
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>          at
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>          at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>          at java.base/java.lang.Thread.run(Thread.java:834)
>      Caused by: org.hibernate.exception.GenericJDBCException: Unable to
> acquire JDBC Connection
>          at
> org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)
>          at
> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)
>          at
> org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:99)
>          at
> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:107)
>          at
> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.getPhysicalConnection(LogicalConnectionManagedImpl.java:134)
>          at
> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.connection(StatementPreparerImpl.java:50)
>          at
> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$5.doPrepare(StatementPreparerImpl.java:149)
>          at
> org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:176)
>          at
> org.hibernate.engine.jdbc.internal.StatementPreparerImpl.prepareQueryStatement(StatementPreparerImpl.java:151)
>          at
> org.hibernate.loader.Loader.prepareQueryStatement(Loader.java:2099)
>          at
> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2029)
>          at
> org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2007)
>          at org.hibernate.loader.Loader.doQuery(Loader.java:953)
>          at
> org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:354)
>          at org.hibernate.loader.Loader.doList(Loader.java:2810)
>          at org.hibernate.loader.Loader.doList(Loader.java:2792)
>          at
> org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2624)
>          at org.hibernate.loader.Loader.list(Loader.java:2619)
>          at 
> org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:506)
>          at
> org.hibernate.hql.internal.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:396)
>          at
> org.hibernate.engine.query.spi.HQLQueryPlan.performList(HQLQueryPlan.java:219)
>          at 
> org.hibernate.internal.SessionImpl.list(SessionImpl.java:1410)
>          at
> org.hibernate.query.internal.AbstractProducedQuery.doList(AbstractProducedQuery.java:1558)
>          at
> org.hibernate.query.internal.AbstractProducedQuery.list(AbstractProducedQuery.java:1526)
>          at org.hibernate.query.Query.getResultList(Query.java:165)
>          at
> org.hibernate.query.criteria.internal.compile.CriteriaQueryTypeQueryAdapter.getResultList(CriteriaQueryTypeQueryAdapter.java:76)
>          at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>          at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>          at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>          at java.base/java.lang.reflect.Method.invoke(Method.java:566)
>          at
> org.springframework.orm.jpa.SharedEntityManagerCreator$DeferredQueryInvocationHandler.invoke(SharedEntityManagerCreator.java:409)
>          at com.sun.proxy.$Proxy87.getResultList(Unknown Source)
>          at
> org.springframework.data.jpa.repository.query.JpaQueryExecution$CollectionExecution.doExecute(JpaQueryExecution.java:126)
>          at
> org.springframework.data.jpa.repository.query.JpaQueryExecution.execute(JpaQueryExecution.java:88)
>          at
> org.springframework.data.jpa.repository.query.AbstractJpaQuery.doExecute(AbstractJpaQuery.java:154)
>          at
> org.springframework.data.jpa.repository.query.AbstractJpaQuery.execute(AbstractJpaQuery.java:142)
>          at
> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.doInvoke(RepositoryFactorySupport.java:618)
>          at
> org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.invoke(RepositoryFactorySupport.java:605)
>          at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>          at
> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:353)
>          at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:99)
>          at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>          at
> org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:139)
>          ... 38 more
>      Caused by: java.sql.SQLException: Cannot create
> PoolableConnectionFactory (Could not find a java cryptographic
> algorithm: Cannot find any provider supporting 1.2.840.113549.1.5.13.)
>          at
> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:735)
>          at
> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:605)
>          at
> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:794)
>          at
> org.hibernate.engine.jdbc.connections.internal.DatasourceConnectionProviderImpl.getConnection(DatasourceConnectionProviderImpl.java:122)
>          at
> org.hibernate.internal.NonContextualJdbcConnectionAccess.obtainConnection(NonContextualJdbcConnectionAccess.java:38)
>          at
> org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:104)
>          ... 77 more
>      Caused by: org.postgresql.util.PSQLException: Could not find a 
> java
> cryptographic algorithm: Cannot find any provider supporting
> 1.2.840.113549.1.5.13.
>          at
> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:253)
>          at
> java.base/sun.security.ssl.AbstractKeyManagerWrapper.getPrivateKey(SSLContextImpl.java:1764)
>          at
> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createClientPossession(X509Authentication.java:197)
>          at
> java.base/sun.security.ssl.X509Authentication$X509PossessionGenerator.createPossession(X509Authentication.java:154)
>          at
> java.base/sun.security.ssl.X509Authentication.createPossession(X509Authentication.java:87)
>          at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.choosePossession(CertificateMessage.java:1052)
>          at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:1073)
>          at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:930)
>          at
> java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>          at
> java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:981)
>          at
> java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:856)
>          at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>          at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>          at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
>          at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
>          at
> java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
>          at
> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
>          at
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
>          at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
>          at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:40)
>          at
> org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:441)
>          at
> org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:94)
>          at
> org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
>          at
> org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
>          at 
> org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
>          at org.postgresql.Driver.makeConnection(Driver.java:458)
>          at org.postgresql.Driver.connect(Driver.java:260)
>          at
> org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:53)
>          at
> org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
>          at
> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:116)
>          at
> org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:731)
>          ... 82 more
>      Caused by: java.security.NoSuchAlgorithmException: Cannot find any
> provider supporting 1.2.840.113549.1.5.13
>          at java.base/javax.crypto.Cipher.getInstance(Cipher.java:565)
>          at
> org.postgresql.ssl.LazyKeyManager.getPrivateKey(LazyKeyManager.java:205)
>          ... 112 more
> 
> 
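
The OID in the exception, 1.2.840.113549.1.5.13, is the PKCS#5 identifier for PBES2, the password-based scheme used for encrypted PKCS#8 keys, so the first thing to check is how postgresql.pk8 is actually encoded. The script below is an added example (not from the thread or from any project's code) that reads the DER header of a key file and reports whether it is an encrypted or a plain PKCS#8 structure and which algorithm OIDs it names. The function names and the two sample byte strings are constructed for this example; the samples hold zero filler, not key material.

```python
"""Report whether a PKCS#8 key file is encrypted, and with which algorithm."""
import sys

SEQUENCE, INTEGER, OCTET_STRING, NULL, OID = 0x30, 0x02, 0x04, 0x05, 0x06
PBES2 = "1.2.840.113549.1.5.13"  # the OID named in the exception


def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER element runs past the end of the data")
    return tag, pos, pos + length


def decode_oid(body):
    """Turn the content octets of an OBJECT IDENTIFIER into dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    arcs, value = [], 0
    for octet in body:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:  # last octet of this sub-identifier
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)  # the first two arcs share one sub-identifier
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))


def read_algorithm(buf, pos):
    """Parse an AlgorithmIdentifier: (dotted OID, params_start, end)."""
    tag, start, end = read_tlv(buf, pos)
    oid_tag, oid_start, oid_end = read_tlv(buf, start)
    if tag != SEQUENCE or oid_tag != OID or oid_end > end:
        raise ValueError("expected an AlgorithmIdentifier")
    return decode_oid(buf[oid_start:oid_end]), oid_end, end


def inspect_pkcs8(data):
    """Classify the bytes of a key file without decrypting anything."""
    if data.lstrip().startswith(b"-----BEGIN"):
        return {"format": "PEM"}  # the thread's setup expects DER here
    tag, start, _ = read_tlv(data, 0)
    if tag != SEQUENCE:
        raise ValueError("not a DER SEQUENCE, so not a PKCS#8 structure")
    first_tag, _, first_end = read_tlv(data, start)
    if first_tag == INTEGER:  # PrivateKeyInfo starts with its version
        key_alg, _, _ = read_algorithm(data, first_end)
        return {"format": "DER", "encrypted": False, "key_algorithm": key_alg}
    if first_tag != SEQUENCE:
        raise ValueError("unrecognised PKCS#8 structure")
    # EncryptedPrivateKeyInfo starts with the encryption AlgorithmIdentifier.
    enc_alg, params, end = read_algorithm(data, start)
    info = {"format": "DER", "encrypted": True, "encryption_algorithm": enc_alg}
    if enc_alg == PBES2 and params < end:
        # PBES2-params ::= SEQUENCE { keyDerivationFunc, encryptionScheme }
        _, inner, _ = read_tlv(data, params)
        info["kdf"], _, after_kdf = read_algorithm(data, inner)
        info["cipher"], _, _ = read_algorithm(data, after_kdf)
    return info


def _tlv(tag, body):
    """DER-encode one element; used only to build the constructed samples."""
    n = len(body)
    size = bytes([n]) if n < 0x80 else bytes([0x81, n])  # samples stay under 256 bytes
    return bytes([tag]) + size + body


def _oid(hex_octets):
    return _tlv(OID, bytes.fromhex(hex_octets))


# Constructed samples: correct structure, zero filler instead of key material.
_kdf = _tlv(SEQUENCE, _oid("2a864886f70d01050c")  # PBKDF2 with salt and iteration count
            + _tlv(SEQUENCE, _tlv(OCTET_STRING, bytes(8)) + _tlv(INTEGER, b"\x08\x00")))
_cipher = _tlv(SEQUENCE, _oid("60864801650304012a") + _tlv(OCTET_STRING, bytes(16)))  # AES-256-CBC
_enc_alg = _tlv(SEQUENCE, _oid("2a864886f70d01050d") + _tlv(SEQUENCE, _kdf + _cipher))  # PBES2
SAMPLE_ENCRYPTED = _tlv(SEQUENCE, _enc_alg + _tlv(OCTET_STRING, bytes(160)))
SAMPLE_PLAIN = _tlv(SEQUENCE,
                    _tlv(INTEGER, b"\x00")
                    + _tlv(SEQUENCE, _oid("2a864886f70d010101") + _tlv(NULL, b""))  # rsaEncryption
                    + _tlv(OCTET_STRING, bytes(32)))

if __name__ == "__main__":
    # With path arguments, inspect those files; otherwise show the samples.
    blobs = [open(p, "rb").read() for p in sys.argv[1:]] or [SAMPLE_ENCRYPTED, SAMPLE_PLAIN]
    for blob in blobs:
        print(inspect_pkcs8(blob))
```

A result of "encrypted": True with "encryption_algorithm" equal to the OID from the trace means the key file itself carries the algorithm that the JVM could not resolve.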