java SSL 身份验证后 JDBC (JTDS) SQL Server 连接关闭
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11497530/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
JDBC (JTDS) SQL Server Connection Closed after SSL Authentication
提问by Brian Hoffman
I am using the jTDS JDBC SQLServer library to connect to a SQL Server 2008 database. It always worked without SSL but once we enabled it, I haven't been able to get it to connect. I've traced the Java as seen below and checked the log on the DB side and the authentication works properly but immediately drops the connection when trying to execute the query. Anyone seen this problem?
我正在使用 jTDS JDBC SQLServer 库连接到 SQL Server 2008 数据库。它总是在没有 SSL 的情况下工作,但是一旦我们启用它,我就无法连接它。我已经跟踪了 Java,如下所示,并检查了 DB 端的日志,身份验证工作正常,但在尝试执行查询时立即断开连接。有人见过这个问题吗?
main, received EOFException: ignored
main, called closeInternal(false)
main, SEND TLSv1 ALERT: warning, description = close_notify
Padded plaintext before ENCRYPTION: len = 32
0000: 01 00 DF 4A F1 23 CF E7 6B 62 3D 7D 4D CD C9 AD ...J.#..kb=.M...
0010: 26 7B 16 59 84 9A 09 09 09 09 09 09 09 09 09 09 &..Y............
main, WRITE: TLSv1 Alert, length = 32
[Raw write]: length = 37
0000: 15 03 01 00 20 12 0A 45 80 96 80 F8 04 62 2F 62 .... ..E.....b/b
0010: E0 35 B9 4D 67 B0 4D D7 AC 9C CF C7 57 CA E1 B2 .5.Mg.M.....W...
0020: 9F DC BA 5E F8 ...^.
main, called closeSocket(selfInitiated)
main, called close()
main, called closeInternal(true)
java.sql.SQLException: I/O Error: DB server closed connection.
at net.sourceforge.jtds.jdbc.TdsCore.executeSQL(TdsCore.java:1053)
at net.sourceforge.jtds.jdbc.JtdsStatement.executeSQLQuery(JtdsStatement.java:465)
at net.sourceforge.jtds.jdbc.JtdsStatement.executeQuery(JtdsStatement.java:1304)
at net.sourceforge.jtds.jdbc.ConnectionJDBC2.<init>(ConnectionJDBC2.java:390)
at net.sourceforge.jtds.jdbc.ConnectionJDBC3.<init>(ConnectionJDBC3.java:50)
at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:184)
at java.sql.DriverManager.getConnection(DriverManager.java:579)
at java.sql.DriverManager.getConnection(DriverManager.java:221)
at getConnection.main(getConnection.java:25)
Caused by: java.io.IOException: DB server closed connection.
at net.sourceforge.jtds.jdbc.SharedSocket.readPacket(SharedSocket.java:848)
at net.sourceforge.jtds.jdbc.SharedSocket.getNetPacket(SharedSocket.java:727)
at net.sourceforge.jtds.jdbc.ResponseStream.getPacket(ResponseStream.java:466)
at net.sourceforge.jtds.jdbc.ResponseStream.read(ResponseStream.java:103)
at net.sourceforge.jtds.jdbc.ResponseStream.peek(ResponseStream.java:88)
at net.sourceforge.jtds.jdbc.TdsCore.wait(TdsCore.java:3932)
at net.sourceforge.jtds.jdbc.TdsCore.executeSQL(TdsCore.java:1046)
回答by Adam Bell
Oracle introduced a security fix for the SSL/TLS BEAST attack that is known to interfere with Microsoft JDBC/jTDS connections.
Oracle 为已知会干扰 Microsoft JDBC/jTDS 连接的 SSL/TLS BEAST 攻击引入了安全修复程序。
Setting the -Djsse.enableCBCProtection=falsesystem variable will disable the fix and potentially allow the connection.
设置-Djsse.enableCBCProtection=false系统变量将禁用修复并可能允许连接。
Information found in this SO thread: Java7 sqljdbc4 - SQL error 08S01 on getConnection()
在此 SO 线程中找到的信息:Java7 sqljdbc4 - getConnection() 上的 SQL 错误 08S01
回答by Josh
I was able to get around the same basic error by adding ssl=requestor ssl=requireto the URL of the connection string. This either tries or demands that the connection be encrypted. If SQL Server is setup to require encrypted connections then ssl=require will force the connection to use SSL and will satisfy SQL Server.
通过在连接字符串的 URL 中添加ssl=request或ssl=require,我能够解决相同的基本错误。这会尝试或要求加密连接。如果 SQL Server 设置为需要加密连接,则 ssl=require 将强制连接使用 SSL 并满足 SQL Server。
Example:
例子:
jdbc:jtds:sqlserver://[SERVER]/[DATABASE];ssl=require;
jdbc:jtds:sqlserver://[SERVER]/[DATABASE];ssl=require;
