Hello Everyone,
I am trying to verify the subject name of the server certificate and I have only the CA Certificate of the server.
equivalent of --ssl-verify-server-cert
When I specify verifyServerCertificate=true in the following connection string : Irrespective of the subject name in the server certificate, its connecting to database. Can some one tell me how should I change this to verify the subject name ? :(
jdbc:mysql://jithethner.sin.hostname:3306/INFORMATION_SCHEMA?socketTimeout=10000&connectTimeout=10000&useSSL=true&verifyServerCertificate=true&trustCertificateKeyStoreUrl=file:/tmp/cacert.jks&trustCertificateKeyStoreType=JKS&trustCertificateKeyStorePassword=keystorepwd, properties: {user=username, password=password}
I gave clientCertificateKeyStore* instead of trustCertificateKeyStore*, because in the description of verifyServerCertificate, it said use clientCertificateKeyStore* properties. Then its showed some error like TrustManagerFactorImpl not initialized. Thank you for any help !!!
I am trying to verify the subject name of the server certificate and I have only the CA Certificate of the server.
equivalent of --ssl-verify-server-cert
When I specify verifyServerCertificate=true in the following connection string : Irrespective of the subject name in the server certificate, its connecting to database. Can some one tell me how should I change this to verify the subject name ? :(
jdbc:mysql://jithethner.sin.hostname:3306/INFORMATION_SCHEMA?socketTimeout=10000&connectTimeout=10000&useSSL=true&verifyServerCertificate=true&trustCertificateKeyStoreUrl=file:/tmp/cacert.jks&trustCertificateKeyStoreType=JKS&trustCertificateKeyStorePassword=keystorepwd, properties: {user=username, password=password}
I gave clientCertificateKeyStore* instead of trustCertificateKeyStore*, because in the description of verifyServerCertificate, it said use clientCertificateKeyStore* properties. Then its showed some error like TrustManagerFactorImpl not initialized. Thank you for any help !!!