
My application must make an SSL connection to a MariaDB instance.

Here is my connection string:

    jdbc:mariadb://<serverName>:3306/<dbName>?serverSslCert=<path to server cert>&jdbcCompliantTruncation=false&verifyServerCertificate=true&useSSL=true&enabledSslProtocolSuites=TLSv1.1&autoReconnect=true

This worked fine, but now my application needs to create an HTTPS connection and present a client certificate.

        HttpClientBuilder hcb = HttpClients.custom();
        hcb.useSystemProperties();
        hcb.setUserAgent(AGENT);
        hcb.setDefaultCookieStore(new BasicCookieStore());

        SSLContext sslContext = SSLContexts.createSystemDefault();
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);
        hcb.setSSLSocketFactory(sslsf);
        client = hcb.build();

When I start my application with javax.net.ssl.keyStore set, I get the following exception:

org.springframework.jdbc.CannotGetJdbcConnectionException: Could not get JDBC Connection; nested exception is org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Could not connect to <serverName>:3306: Unsupported record version Unknown-0.0)
    at org.springframework.jdbc.datasource.DataSourceUtils.getConnection(DataSourceUtils.java:80)
    at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:573)
    at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:637)
    at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:666)
    at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:674)
    at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:718)
    at gov.dni.search.intelsync.common.dao.MySQLDAO.getSyncRecords(MySQLDAO.java:71)
    at gov.dni.search.intelsync.common.client.SyncClient.getSyncRecords(SyncClient.java:283)
    at gov.dni.search.intelsync.common.ExporterUpdater.call(ExporterUpdater.java:53)
    at gov.dni.search.intelsync.common.ExporterUpdater.call(ExporterUpdater.java:22)
    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:744)
Caused by: org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Could not connect to <serverName>:3306: Unsupported record version Unknown-0.0)
    at org.apache.commons.dbcp.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:1549)
    at org.apache.commons.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1388)
    at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
    at org.springframework.jdbc.datasource.DataSourceUtils.doGetConnection(DataSourceUtils.java:111)
    at org.springframework.jdbc.datasource.DataSourceUtils.getConnection(DataSourceUtils.java:77)
    ... 15 more
Caused by: java.sql.SQLNonTransientConnectionException: Could not connect to <serverName>:3306: Unsupported record version Unknown-0.0
    at org.mariadb.jdbc.internal.util.exceptions.ExceptionMapper.get(ExceptionMapper.java:156)
    at org.mariadb.jdbc.internal.util.exceptions.ExceptionMapper.getException(ExceptionMapper.java:118)
    at org.mariadb.jdbc.internal.util.exceptions.ExceptionMapper.throwException(ExceptionMapper.java:92)
    at org.mariadb.jdbc.Driver.connect(Driver.java:111)
    at org.apache.commons.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:38)
    at org.apache.commons.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:582)
    at org.apache.commons.dbcp.BasicDataSource.validateConnectionFactory(BasicDataSource.java:1556)
    at org.apache.commons.dbcp.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:1545)
    ... 19 more
Caused by: java.sql.SQLException: Could not connect to <serverName>:3306: Unsupported record version Unknown-0.0
    at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.handleConnectionPhases(AbstractConnectProtocol.java:712)
    at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connect(AbstractConnectProtocol.java:405)
    at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connectWithoutProxy(AbstractConnectProtocol.java:1028)
    at org.mariadb.jdbc.internal.util.Utils.retrieveProxy(Utils.java:483)
    at org.mariadb.jdbc.Driver.connect(Driver.java:106)
    ... 23 more
Caused by: javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
    at sun.security.ssl.InputRecord.readV3Record(InputRecord.java:524)
    at sun.security.ssl.InputRecord.read(InputRecord.java:509)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
    at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.handleConnectionPhases(AbstractConnectProtocol.java:686)
    ... 27 more

So it would seem that the app can either make a secure database connection (required) or identify itself to an HTTP server (also required).

I am using mariadb-java-client-1.6.2.jar but have tried the latest version that is compatible with Java 7 (1.7.1) and still get the same error.

My primary question is: am I doing something wrong, or is it not possible to use a secured connection to MariaDB while having javax.net.ssl.keyStore set? Do I need to put the (MariaDB) server certificate in the keystore?

Barring that, is there some other way that I can tell my HttpClient to use the keystore without providing it through javax.net.ssl.keyStore?

Mark Sholund
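On the last point in the question, one way to hand HttpClient a client certificate without setting javax.net.ssl.keyStore is to build a dedicated SSLContext from the keystore and pass it to the SSLConnectionSocketFactory already used above. This is an added example, not part of the original question; the class name, the keystore path and the passwords are placeholders, and it assumes the JVM is started without -Djavax.net.ssl.keyStore so that the key material stays scoped to this one client.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;

// Hypothetical helper class (not from the question): scopes the client
// certificate to one HttpClient instead of the JVM-wide system property.
public final class ClientCertHttpClient {

    private ClientCertHttpClient() {
    }

    public static CloseableHttpClient build(String keyStorePath,
                                            char[] storePassword,
                                            char[] keyPassword) throws Exception {
        // Load the keystore holding the client private key and certificate chain.
        // getDefaultType() is JKS on a stock Java 7 install; use "PKCS12" for .p12 files.
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(keyStorePath)) {
            keyStore.load(in, storePassword);
        }

        // Key managers select the client certificate during the TLS handshake.
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyPassword);

        // Passing null for the trust managers and the SecureRandom keeps the JVM
        // defaults, so server certificates are still checked against the default
        // trust store; only the client identity is customised here.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(kmf.getKeyManagers(), null, null);

        // This context belongs to this client only; other TLS users in the
        // process (for example the JDBC driver) keep their own configuration.
        return HttpClients.custom()
                .setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext))
                .build();
    }
}
```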

0 Answers