Postgres Pro
Downloads
Home   >   mailing lists

Re: JDBC connection test with SSL on PG 9.2.1 server - Mailing list pgsql-jdbc

From Hari Babu
Subject Re: JDBC connection test with SSL on PG 9.2.1 server
Date
Msg-id 00a401cdfdde$db9737e0$92c5a7a0$@kommi@huawei.com
Whole thread Raw
In response to Re: JDBC connection test with SSL on PG 9.2.1 server  (Dave Cramer <pg@fastcrypt.com>)
Responses Re: JDBC connection test with SSL on PG 9.2.1 server  (dmp <danap@ttc-cmc.net>)
List pgsql-jdbc
Tree view

On Monday, January 28, 2013 10:20 PM, Dave Cramer wrote:

>>On Mon, Jan 28, 2013 at 9:03 AM, Hari Babu <haribabu.kommi@huawei.com> wrote:

>>While testing PostgreSQL JDBC java client to connect to the PG 9.2.1
>>database server using SSL.
>>we got the following behavior.
>>
>>The test steps as below
>>
>>url = "jdbc:postgresql://" + "10.145.98.227" + ':'
>>            + "8707" + '/'
>>            + "POSTGRES";
>>    Properties props = new Properties();
>>    props.setProperty("user", "CLIENT");
>>    props.setProperty("password", "1234@QWER");
>>    props.setProperty("ssl", "true");
>>
>>      System.setProperty("javax.net.ssl.trustStore", "193store");
>>      System.setProperty("javax.net.ssl.keyStore", "193client.jks");
>>      System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
>>    System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");
>>
>>    /*Begin the first ssl connection*/
>>    conn1 = DriverManager.getConnection(url, props);
>>    System.out.println("Connection1 successful!");
>>
>>
>>      System.setProperty("javax.net.ssl.trustStore", "193store");
>>      System.setProperty("javax.net.ssl.keyStore", "193client.jks");
>>      System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
>>    System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");
>>
>>    /*Begin the second ssl connection*/
>>    conn2 = DriverManager.getConnection(url, props);
>>    System.out.println("Connection2 successful!");
>>
>>Before first connection we set
>>"System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");" qwerty is
>>the right password
>>and before second SSL connection we set
>>"System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");"
>>wrongpassword is the wrong password.
>>
>>we expect  the first SSL connection will be successful and second failed
>>because of wrong password, but actually we get two successful SSL
>>connections.
>>We found that  if the first SSL connections password set right, all the
>>following SSL connections are fine ,even set wrong keystroke password.
>>
>>1. Is this a defect about JDBC?
>>2. Is it SSL behavior to authenticate only once?
>>3. Is it system property behavior can be set only once.
>>4. Is it because of any other problems?
>>
>>please give your suggestions?

>JDBC uses java's SSL infrastructure, as such I don't think it's a defect in JDBC. It could be because your truststore >does not require a password.

 

I removed the trustStorePassword setting from the test, still the second connection is getting success with the wrong

keyStorePassword.

 

Regards,

Hari babu.

pgsql-jdbc by date:

Previous
From: dmp
Date:
Subject: Re: Bug report: NullPointerException from Driver.connect when passed a Properties with non-string values
Next
From: Chen Huajun
Date:
Subject: Re: [BUGS]log can not be output when use DataSource