Hello Hari,
Can you please set the property logLevel=1, INFO
and then reply back with the output. You may also
try logLevel=2, DEBUG for additional information.
danap.
Hari Babu wrote:
> On Monday, January 28, 2013 10:20 PM, Dave Cramer wrote:
>
> >>On Mon, Jan 28, 2013 at 9:03 AM, Hari Babu <haribabu.kommi@huawei.com
> <mailto:haribabu.kommi@huawei.com>> wrote:
>
> >>While testing PostgreSQL JDBC java client to connect to the PG 9.2.1
> >>database server using SSL.
> >>we got the following behavior.
> >>
> >>The test steps as below:
> >>
> >>url = "jdbc:postgresql://" + "10.145.98.227" + ':'
> >> + "8707" + '/'
> >> + "POSTGRES";
> >> Properties props = new Properties();
> >> props.setProperty("user", "CLIENT");
> >> props.setProperty("password", "1234@QWER");
> >> props.setProperty("ssl", "true");
> >>
> >> System.setProperty("javax.net.ssl.trustStore", "193store");
> >> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
> >> System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
> >> System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");
> >>
> >> /*Begin the first ssl connection*/
> >> conn1 = DriverManager.getConnection(url, props);
> >> System.out.println("Connection1 successful!");
> >>
> >>
> >> System.setProperty("javax.net.ssl.trustStore", "193store");
> >> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
> >> System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
> >> System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");
> >>
> >> /*Begin the second ssl connection*/
> >> conn2 = DriverManager.getConnection(url, props);
> >> System.out.println("Connection2 successful!");
> >>
> >>Before first connection we set
> >>"System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");"
> qwerty is
> >>the right password
> >>and before second SSL connection we set
> >>"System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");"
> >>wrongpassword is the wrong password.
> >>
> >>we expect the first SSL connection will be successful and second failed
> >>because of wrong password, but actually we get two successful SSL
> >>connections.
> >>We found that if the first SSL connections password set right, all the
> >>following SSL connections are fine ,even set wrong keystroke password.
> >>
> >>1. Is this a defect about JDBC?
> >>2. Is it SSL behavior to authenticate only once?
> >>3. Is it system property behavior can be set only once.
> >>4. Is it because of any other problems?
> >>
> >>please give your suggestions?
>
> >JDBC uses java's SSL infrastructure, as such I don't think it's a
> defect in JDBC. It could be because your truststore >does not require a
> password.
>
> I removed the trustStorePassword setting from the test, still the second
> connection is getting success with the wrong
>
> keyStorePassword.
>
> Regards,
>
> Hari babu.
