You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "FEZ (Felix Kratzer)" <fe...@iw.uni-karlsruhe.de> on 2006/02/10 13:36:06 UTC
Tomcat5 - Postgres-Datasource - SSL
Hi list!
It's driving me crazy!
I need to connect to a postgres db using SSL!
This is is how i daclare the datasource:
<ResourceParams name="ScharfeStoccerDb">
<parameter>
<name>url</name>
<value>jdbc:postgresql://111.22.3.44/myWorkingDb?ssl</value>
</parameter>
<parameter>
<name>password</name>
<value>myWorkingPassword</value>
</parameter>
<parameter>
<name>maxActive</name>
<value>4</value>
</parameter>
<parameter>
<name>maxWait</name>
<value>5000</value>
</parameter>
<parameter>
<name>driverClassName</name>
<value>org.postgresql.Driver</value>
</parameter>
<parameter>
<name>username</name>
<value>myWorkingUser</value>
</parameter>
<parameter>
<name>maxIdle</name>
<value>2</value>
</parameter>
</ResourceParams>
Up to now (on my test-server using jboss) I could declare a special (so
called NonValidatin~) SSL Factory.
Now I want to drop this concecpt and really use SSL!
So I:
- got the certificate of 111.22.3.44
- created a keystore at conf/keystore
- imported the crtificate with the alias 111.22.3.44
- Added
-Djavax.net.ssl.trustStore=sys:/myWorkingPath/conf/keystore \
-Djavax.net.ssl.trustStorePassword=myWorkingKeystorePassword \
to my catalina.sh
when I access my servlet I get a LOT of exception wich all have the cause:
"Caused by: java.security.InvalidAlgorithmParameterException: the
trustAnchors parameter must be non-empty
at
java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:183)
"
So, what did I do wrong?
OR: How can I tell tomcat to use the NonValidatingSSLFactory?
FEZ
(Felix Kratzer)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org