3

I would like to have my jdbc connection used in the application using Jersey and Tomcat to be secured using SSL. The mySQL server already supports SSL, I have the necessary SSL certificate file present on the computer running NetBeans and I can connect to the mySQL server using SSL from MySQL Workbench.

The definition for an unsecured connection currently looks like:

<Resource name="jdbc/Colabo" auth="Container" type="javax.sql.DataSource"
           maxActive="100" maxIdle="30" maxWait="10000"
           username="xxxx" password="yyyyy" driverClassName="com.mysql.jdbc.Driver"
           url="jdbc:mysql://ip.address:3306/db?autoReconnect=true"/>

How can I specify in the section of the context.cml file the connection should be done using SSL?

Suma
  • 33,181
  • 16
  • 123
  • 191
  • possible duplicate of [Configure spring to connect to mysql over ssl](http://stackoverflow.com/questions/14265115/configure-spring-to-connect-to-mysql-over-ssl) – user207421 May 15 '13 at 23:39

2 Answers2

7

Inspired by an answer to a similar question - Configure spring to connect to mysql over ssl.

The SSL settings can be passed in the URL:

url="jdbc:mysql://ip.address:3306/db?autoReconnect=true&amp;verifyServerCertificate=false&amp;useSSL=true&amp;requireSSL=true"/

I did not find a way how to make the verifyServerCertificate=true option working - one would probably need to specify a location of the CA certificate is some settings for that .

Community
  • 1
  • 1
Suma
  • 33,181
  • 16
  • 123
  • 191
2

Support for self-signed certificates was recently added to the MariaDB JDBC driver (which also works for connecting to MySQL). The latest version (1.1.3 as of writing this) also allows you to directly specify the server certificate at runtime so that you do not need to configure key stores or import certificates in advance.

The two properties to set are useSSL and serverSslCert. The latter can be either the certificate itself (a String value) or a path to a file that contains the certificate (either full path or classpath relative).

url="jdbc:mysql://your-server.example.com:3306/db?autoReconnect=true&useSSL=true&serverSslCert=classpath:path/to/server.crt

For a full working example of how to connect see here. It's a generic JDBC example (does not use Spring) but should be a good cheat sheet to look at.

sehrope
  • 1,777
  • 13
  • 16