我有三个文件(私钥,cert和CAcert),我需要创建一个密钥库来连接到需要SSL连接的mysql数据库。到目前为止我的步骤:
# Create PKCS12 keystore from private key and public certificate and CA like this.
sudo openssl pkcs12 -export -name mycerts -out mycerts.pfx -inkey domain.com.key -in comain.com.crt -certfile domain.com.cabundle
# Convert PKCS12 keystore into a JKS keystore
sudo keytool -importkeystore -destkeystore mykeystore.jks -srckeystore mycerts.pfx -srcstoretype PKCS12 -alias mycerts -deststorepass changeit -destkeypass changeit -srcstorepass changeit
一切似乎都很好,我的应用程序的根文件夹中有一个mykeystore.jks文件。此时我尝试连接:
public class TestConnection {
public static void main(String[] args) {
System.setProperty("javax.net.ssl.keyStore", "mykeystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
Connection con = null;
try {
String url = "jdbc:mysql://remoteIP:3306/my_db"
+ "?verifyServerCertificate=true"
+ "&useSSL=true"
+ "&requireSSL=true";
String user = "user";
String password = "pwd";
Class dbDriver = Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection(url, user, password);
} catch (Exception ex) {
ex.printStackTrace();
} finally {
if (con != null) {
try {
con.close();
} catch (Exception e) {
e.printstacktrace();
}
}
}
}
}
但我得到一个例外:
java.sql.SQLException: null, message from server: "Host '93-45-149-182.ip102.fastwebnet.it' is not allowed to connect to this MySQL server"
t com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1084)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:987)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:973)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1112)
at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2506)
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2539)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2321)
at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:832)
at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:46)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:417)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:344)
at java.sql.DriverManager.getConnection(DriverManager.java:571)
at java.sql.DriverManager.getConnection(DriverManager.java:215)
at ekovianetworkexplorer.TestConnection.main(TestConnection.java:28)
我的设置中是否有任何遗漏?提前谢谢。