1

I'm trying to establish an SSL connection to a Sybase ASE 16.0 using JDBC driver. On the server, through interactive SQL, I am able to access the ASE server with SSL. I am using Jconnect 4 (jconn4.jar) and JDK 8 with the following connection string: jdbc:sybase:Tds:host:port/dbname?ENABLE_SSL=true. Server certificate imported to the java application trust store using keytool. I have gone through the other question already asked here but it doesn't help me to rectify this problem. Test code is below. 

try {
        Class.forName("com.sybase.jdbc4.jdbc.SybDriver");
        Connection con = DriverManager.getConnection(
                "jdbc:sybase:Tds:host:5000/master?ENABLE_SSL=TRUE", "sa",
                "password");
        System.out.println("*********Connected**********");
        Statement stmt = con.createStatement();
        ResultSet rs = stmt.executeQuery("select @@ssl_ciphersuite");
        int i = 1;
        while (rs.next()) {
            System.out.println("Row: " + i);
            System.out.println("ID: " + rs.getString(1).trim());
            System.out.println(" ");
            i = i + 1;
        }
        con.close();
    } catch (Exception e) {
        e.printStackTrace();
    }

My JDBC code throwing below exception. The connection should be established over the secure network but facing below error. 

java.sql.SQLException: JZ00L: Login failed.  Examine the SQLWarnings chained to this exception for the reason(s).
    at com.sybase.jdbc4.jdbc.SybConnection.getAllExceptions(Unknown Source)
    at com.sybase.jdbc4.jdbc.SybConnection.handleSQLE(Unknown Source)
    at com.sybase.jdbc4.jdbc.SybConnection.a(Unknown Source)
    at com.sybase.jdbc4.jdbc.SybConnection.handleHAFailover(Unknown Source)
    at com.sybase.jdbc4.jdbc.SybConnection.<init>(Unknown Source)
    at com.sybase.jdbc4.jdbc.SybConnection.<init>(Unknown Source)
    at com.sybase.jdbc4.jdbc.SybDriver.connect(Unknown Source)
    at java.sql.DriverManager.getConnection(DriverManager.java:664)
    at java.sql.DriverManager.getConnection(DriverManager.java:247)
    at com.testing.Test.main(Test.java:41)

I checked the Sybase log see the following error:

kernel  SSL or Crypto Error Message: 'The SSL handshake failed.  Root error: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol'.

I went through the multiple Sybase documentation but no luck. Any help will be much appreciated. Thanks in advance!!

kush
  • 79
  • 2
  • 11
  • It looks like whatever protocol/cipher suite your client is trying to use isn't supported by the server. What are the SSL/TLS settings in your `JRE/lib/security/java.security` file? Unfortunately, I'm not aware of any TDS-enabled SSL analysis tool that could detect what the Sybase server supports. – Andrew Henle Jun 27 '19 at 10:17
  • Sybase only supports the TLS protocol base ciphers. I tried with replacing local_policy and US_Export_policy jar with unlimited strengthen policies. Also tried to force in code to use TLSv1.2 like SSLContext ctx = SSLContext.getInstance("TLSv1.2"). – kush Jun 27 '19 at 13:31
  • Facing same issue... Please post if you sort it out. – senthil prabhu Oct 03 '19 at 08:05
  • Are you using OpenSSL or common crypto library? check this KBA https://launchpad.support.sap.com/#/notes/1899365 and also make sure you are using the right jconn4.jar, prefer jconn4.jar from your installation. – kush Oct 05 '19 at 08:21

0 Answers0