Ok,
I have just looked at my postgreSQL terminal window and seen the
following message:
sslv3 alert certificate unknown
Could this mean that the certificate is of the wrong type??
regards
Andrew
On 6 Dec 2004, at 12:50, Andrew M wrote:
> Kriss,
> I have implemented your earlier suggestion:
>
> sslfactory=org.postgresql.ssl.NonValidatingFactory
>
> and no error are generated, so I presume that the connection to the
> database is now ssl'd. So why bother going through the headache of
> creating a certificate if I can do it like mentioned above?
>
> regards
>
> Andrew
> On 6 Dec 2004, at 12:28, Kris Jurka wrote:
>
>>
>>
>> On Mon, 6 Dec 2004, Andrew M wrote:
>>
>>> jdbc:postgresql://localhost:5432/mydatabase?ssl
>>>
>>> When I launch Jboss, which handles the connection to postgresql, I
>>> get
>>> the following error:
>>>
>>> javax.net.ssl.SSLHandshakeException:
>>> sun.security.validator.ValidatorException: No trusted certificate
>>> found
>>>
>>
>> Difficult to say. Perhaps JBoss is deciding to use an alternate
>> truststore? Perhaps it doesn't like your cert setup. I would suggest
>> first running a simple client program to test that it's working first.
>> Also adding -Djavax.net.debug=ssl to the java command will help
>> debugging
>> ssl problems.
>>
>> Further the 8.0 JDBC driver can create SSL connnections without doing
>> authentication by adding using an additional url parameter:
>>
>> sslfactory=org.postgresql.ssl.NonValidatingFactory
>>
>> You should try to get it to authenticate correctly, but this is
>> another
>> useful test point.
>>
>> Kris Jurka
>>
>> ---------------------------(end of
>> broadcast)---------------------------
>> TIP 3: if posting/reading through Usenet, please send an appropriate
>> subscribe-nomail command to majordomo@postgresql.org so that
>> your
>> message can get through to the mailing list cleanly
>>
>
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 7: don't forget to increase your free space map settings
>
