Postgres Pro
Downloads
Home   >   mailing lists

Trouble setting up ssl cert authentication from java/hibernate - Mailing list pgsql-jdbc

From Magosányi Árpád
Subject Trouble setting up ssl cert authentication from java/hibernate
Date
Msg-id 4EB1498A.4080400@magwas.rulez.org
Whole thread Raw
Responses Re: Trouble setting up ssl cert authentication from java/hibernate
Re: Trouble setting up ssl cert authentication from java/hibernate
List pgsql-jdbc
Tree view 
Hi!

I have a server which authenticates with ssl certificates. I have no
trouble using it with psql.

However I cannot figure out how to do the same with java. I have added
my private key and cert along with the CA cert to my keystore.
I set the javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword
properties. But it seems that the underlying ssl does not use my
certificate/key.
Both the server and client reports "FATAL:  connection requires a valid
client certificate"
What am I doing wrong?

The juice of my hibernate config is:
<property
name="hibernate.connection.url">jdbc:postgresql://localhost:5433/archi?sslmode=required&ssl=true&</property>
<property name="hibernate.connection.username">mag</property>
<property
name="hibernate.dialect">org.hibernate.dialect.PostgreSQLDialect</property>

The juice of my test case:
         String password = new PasswordDialog(new Shell()).ask();
         System.out.println("keystore
path="+System.getProperty("javax.net.ssl.trustStore"));
         File keystorepath = new
File(System.getProperty("user.home"),".keystore");

System.setProperty("javax.net.ssl.trustStore",keystorepath.getAbsolutePath());
         System.setProperty("javax.net.ssl.trustStorePassword", password);
         System.out.println("keystore
path="+System.getProperty("javax.net.ssl.trustStore"));
         System.out.println("keystore
pwd="+System.getProperty("javax.net.ssl.trustStorePassword"));

         Session session = getSessionFactory().getCurrentSession();
         System.out.println("session="+session);
         session.beginTransaction(); // dies here

You can find the full code at commit
8c35c887d973fed1ba6eccdcc7726a11ebfe0612 of
git@github.com:magwas/org.rulez.magwas.styledhtml.git
org.rulez.magwas.enterprise/src/org/rulez/magwas/enterprise/repository/RepoFactoryTest.java

And the stack trace:

org.hibernate.exception.GenericJDBCException: Cannot open connection
     at
org.hibernate.exception.SQLStateConverter.handledNonSpecificException(SQLStateConverter.java:140)
     at
org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:128)
     at
org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:66)
     at
org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:52)
     at
org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:449)
     at
org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:167)
     at org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:142)
     at
org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:85)
     at
org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1463)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
     at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:616)
     at
org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:344)
     at $Proxy5.beginTransaction(Unknown Source)
     at
org.rulez.magwas.enterprise.repository.RepoFactoryTest.test(RepoFactoryTest.java:28)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
     at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:616)
     at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
     at
org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
     at
org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
     at
org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
     at
org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
     at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
     at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
     at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
     at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
     at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
     at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
     at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
     at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
     at
org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)
     at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
     at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
     at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
     at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
     at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
Caused by: org.postgresql.util.PSQLException: FATAL: connection requires
a valid client certificate
     at
org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:291)
     at
org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:108)
     at
org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:66)
     at
org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:125)
     at
org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:30)
     at org.postgresql.jdbc3.Jdbc3Connection.<init>(Jdbc3Connection.java:24)
     at org.postgresql.Driver.makeConnection(Driver.java:393)
     at org.postgresql.Driver.connect(Driver.java:267)
     at java.sql.DriverManager.getConnection(DriverManager.java:620)
     at java.sql.DriverManager.getConnection(DriverManager.java:169)
     at
org.hibernate.connection.DriverManagerConnectionProvider.getConnection(DriverManagerConnectionProvider.java:133)
     at
org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:446)
     ... 34 more

pgsql-jdbc by date:

Previous
From: Laurian Vostinar
Date:
Subject: Fwd: Re: [BUGS] BUG #6253: JDBC driver: getIndexInfo() returns quotes around quoted column names
Next
From: Magosányi Árpád
Date:
Subject: Re: Trouble setting up ssl cert authentication from java/hibernate