从 Java 程序到 mssql 的 SSL 连接
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/20784407/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
SSL Connection to mssql from a Java Program
提问by Chandra Prakash
How can I achieve SSL connection to mssql server through a java program for testing purpose using self-signed certificate? Currently I have tried connection using connection string as follows:
如何使用自签名证书通过java程序实现到mssql服务器的SSL连接以进行测试?目前我已经尝试使用连接字符串进行连接,如下所示:
String dbUrl = "jdbc:sqlserver://" + server + ":" + port
+ ";databaseName=" + database + ";user="+ username
+ ";password=" + password
+ ";encrypt="+true
+ ";integratedSecurity="+true
+ ";trustServerCertificate="+false
+ ";hostNameInCertificate=?"
+ ";trustStore=?;trustStorePassword=?";
I am now confused what should be placed at "?" position in the connection string above.
我现在很困惑应该把什么放在“?” 在上面的连接字符串中的位置。
Also I am able to connect with mssql from management studio by following approach:
此外,我还可以通过以下方法与管理工作室的 mssql 连接:
- To Create a Self Signed Certificate:
- Go to Control Panel
- Administrative tools
- IIS Manager
- Server Certificates
Then on server certificate, on right Panel, Click Create self-signed certificate and Give Friendly Name. > OK. Now certificate is ready.
Open MMC, by typing mmc in cmd
- Add/Remove Snap in
- Choose Certificate
- Add
- Next, Choose Local Computer, Finish,OK
- Expand Certificates, Personal, Certificates, we can see recently added certificate.
- Select certificate, Right Click, All Tasks, Manage Private Keys
Add MSSQL User, add give read permission.
Now open SQL Server Configuration Manager
- SQL server network configuration, properties
- Set Force Encryption to Yes,
In certificate Tab, Choose the Certificate recently added
Restart SQL Server Services.
- Try encryption connection to database and connect.
- 创建自签名证书:
- 进入控制面板
- 管理工具
- IIS 管理器
- 服务器证书
然后在服务器证书上,在右侧面板上,单击创建自签名证书并提供友好名称。> 好的。现在证书准备好了。
在 cmd 中输入 mmc 打开 MMC
- 添加/删除管理单元
- 选择证书
- 添加
- 接下来,选择本地计算机,完成,确定
- 展开证书、个人、证书,我们可以看到最近添加的证书。
- 选择证书,右键单击,所有任务,管理私钥
添加 MSSQL 用户,添加授予读取权限。
现在打开 SQL Server 配置管理器
- SQL 服务器网络配置、属性
- 将强制加密设置为是,
在证书选项卡中,选择最近添加的证书
重新启动 SQL Server 服务。
- 尝试加密连接到数据库并连接。
But how to connect it with java program? What should be kept in trustStore and trustStorePassword fields?
但是如何与java程序连接呢?应该在 trustStore 和 trustStorePassword 字段中保留什么?
Working Environment: Windows 8, and mssql server 2012
工作环境:Windows 8,mssql server 2012
回答by kbbucks
I'm sure you've solved the issue by now!, but in case of anyone else with the same issue it's addressed here: https://msdn.microsoft.com/en-us/library/bb879949(v=sql.110).aspx
我相信你现在已经解决了这个问题!但如果其他人遇到同样的问题,请在此处解决:https: //msdn.microsoft.com/en-us/library/bb879949(v=sql. 110).aspx
When the encrypt property is set to true and the trustServerCertificate property is set to true, the Microsoft JDBC Driver for SQL Server will not validate the SQL Server SSL certificate. This is usually required for allowing connections in test environments, such as where the SQL Server instance has only a self signed certificate.
当 encrypt 属性设置为 true 并且 trustServerCertificate 属性设置为 true 时,Microsoft JDBC Driver for SQL Server 将不会验证 SQL Server SSL 证书。这通常是在测试环境中允许连接所必需的,例如在 SQL Server 实例只有自签名证书的情况下。
String connectionUrl =
"jdbc:sqlserver://localhost:1433;" +
"databaseName=AdventureWorks;integratedSecurity=true;" +
"encrypt=true;trustServerCertificate=true";
