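How to connect to a MySQL database in AWS RDS using SSL

Time: 2019-06-19 17:34:10

Tags: mysql ssl ssl-certificate amazon-rds

I am trying to connect to a MySQL database running in AWS RDS using SSL. I cannot establish this connection because of an InvalidAlgorithmParameterException.

I have added the rds-ca-2015-root certificate to the keystore running in my client application, following the AWS documentation at https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html

I have tried the root certificate, the combined certificate, and the regional certificates provided by that page. In my client application I use a HikariCP BasicDataSource to set up my connection information. I have added the "useSSL" and "requireSSL" parameters both as data source properties on the HikariDataSource object and as parameters on the JDBC connection string. In addition, I made sure that the "javax.net.ssl.trustStore" and "javax.net.ssl.trustStorePassword" system properties are set to the correct keystore containing the AWS RDS certificates.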

    System.setProperty("javax.net.ssl.trustStore", getClass().getResource("/corpdb/" + environment + "/rds-truststore.ts").toExternalForm());
    System.setProperty("javax.net.ssl.trustStorePassword", "password");

    logger.info("TRUST STORE: {}", System.getProperty("javax.net.ssl.trustStore"));
    basicDataSource = new HikariDataSource();
    basicDataSource.addDataSourceProperty("useSSL", useSSL);
    basicDataSource.addDataSourceProperty("requireSSL", useSSL);
    basicDataSource.setUsername(user);
    basicDataSource.setPassword(pass);
    basicDataSource.setDriverClassName(driver);
    basicDataSource
            .setJdbcUrl("jdbc:mysql://" + host + "/" + schema + "?useLegacyDatetimeCode=false&serverTimezone=UTC&useSSL=true&requireSSL=true");

    runner = new QueryRunner(getDataSource());

I expect to be able to establish a connection to the MySQL database, but I get the following error:

    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] - Exception in thread "main"
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] - java.lang.ExceptionInInitializerError
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at bootstrap.EntryPoint.main(EntryPoint.java:94)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] - Caused by: com.zaxxer.hikari.pool.PoolInitializationException: Exception during pool initialization: Communications link failure
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] - The last packet successfully received from the server was 0 milliseconds ago.  The last packet sent successfully to the server was 0 milliseconds ago.
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.zaxxer.hikari.pool.HikariPool.initializeConnections(HikariPool.java:581)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:152)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.zaxxer.hikari.HikariDataSource.getConnection(HikariDataSource.java:96)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at org.apache.commons.dbutils.AbstractQueryRunner.prepareConnection(AbstractQueryRunner.java:204)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at org.apache.commons.dbutils.QueryRunner.query(QueryRunner.java:305)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at org.corporate.db.impl.hikaricp.HikariCPConnector.query(HikariCPConnector.java:105)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at org.corporate.db.impl.DBManager.maxID(DBManager.java:90)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at org.corporate.db.impl.DBManager.<init>(DBManager.java:77)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at org.corporate.db.impl.DBManager.<clinit>(DBManager.java:64)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       ... 1 more
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] - Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] - The last packet successfully received from the server was 0 milliseconds ago.  The last packet sent successfully to the server was 0 milliseconds ago.
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at java.lang.reflect.Constructor.newInstance(Unknown Source)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:983)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:110)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4793)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.MysqlIO.proceedHandshakeWithPluggableAuthentication(MysqlIO.java:1635)
    19/06 11:16:29,801 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1207)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2254)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2285)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2084)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:795)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:44)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at java.lang.reflect.Constructor.newInstance(Unknown Source)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:400)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:327)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.zaxxer.hikari.util.DriverDataSource.getConnection(DriverDataSource.java:95)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.zaxxer.hikari.util.DriverDataSource.getConnection(DriverDataSource.java:101)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.zaxxer.hikari.pool.HikariPool.addConnection(HikariPool.java:496)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at com.zaxxer.hikari.pool.HikariPool.initializeConnections(HikariPool.java:565)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       ... 9 more
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] - Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    19/06 11:16:29,817 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.SSLSocketImpl.handleException(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:95)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       ... 28 more
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] - Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.validator.PKIXValidator.<init>(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.validator.Validator.getInstance(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.X509TrustManagerImpl.getValidator(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.Handshaker.process_record(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    19/06 11:16:29,832 [           main] INFO                      System.err[ 214] -       at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    19/06 11:16:29,848 [           main] INFO                      System.err[ 214] -       ... 31 more
    19/06 11:16:29,848 [           main] INFO                      System.err[ 214] - Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    19/06 11:16:29,848 [           main] INFO                      System.err[ 214] -       at java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)
    19/06 11:16:29,848 [           main] INFO                      System.err[ 214] -       at java.security.cert.PKIXParameters.<init>(Unknown Source)
    19/06 11:16:29,848 [           main] INFO                      System.err[ 214] -       at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)
    19/06 11:16:29,848 [           main] INFO                      System.err[ 214] -       ... 43 more

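This error seems to mean that either I cannot find the correct keystore or I do not have the correct certificates required. However, I have confirmed that "javax.net.ssl.trustStore" is set to the correct keystore, and that the keystore does contain the certificates outlined in the RDS documentation page posted above.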
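A check for the two conditions the question names (the trust store cannot be found, or it holds no usable certificates), as an added example that is not part of the original post. The class `TrustStoreCheck`, the method `countTrustAnchors` and the password `changeit` are hypothetical; it assumes the JDK's default trust manager opens the `javax.net.ssl.trustStore` value as a file-system path.

```java
import java.io.*;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.cert.PKIXParameters;
import java.util.Collections;

public class TrustStoreCheck {
    // Counts trusted-certificate entries in the store at `location`.
    // Assumption: the value is used as a file-system path, so URL forms
    // ("file:/...", "jar:file:...!/...") do not resolve to a file here.
    static int countTrustAnchors(String location, char[] password) throws Exception {
        File f = new File(location);
        if (!f.isFile()) {
            throw new FileNotFoundException("not a file-system path to a file: " + location);
        }
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(f)) {
            ks.load(in, password);
        }
        int anchors = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isCertificateEntry(alias)) anchors++; // key entries are not anchors
        }
        return anchors;
    }

    public static void main(String[] args) throws Exception {
        char[] pw = "changeit".toCharArray(); // constructed sample password
        // Constructed sample: a valid but empty trust store in a temp file.
        File empty = File.createTempFile("empty-truststore", ".ts");
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, pw);
        try (OutputStream out = new FileOutputStream(empty)) {
            ks.store(out, pw);
        }
        System.out.println("anchors in empty store: " + countTrustAnchors(empty.getPath(), pw));
        try {
            new PKIXParameters(ks); // a store without anchors is rejected here
        } catch (InvalidAlgorithmParameterException e) {
            System.out.println("PKIX setup fails: " + e.getMessage());
        }
        // The same file named as a URL string is not a path that can be opened.
        try {
            countTrustAnchors(empty.toURI().toURL().toExternalForm(), pw);
        } catch (FileNotFoundException e) {
            System.out.println(e.getMessage());
        }
    }
}
```

Calling `countTrustAnchors` with the exact string logged as `TRUST STORE:` and the real store password shows whether that value resolves to a file and how many certificate entries it holds.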

0 answers:

No answers