Hi, It works for me with Java 1.6 and 1.7, but I only tested "localhost" as the server name. Does this work for?
Regards, Thomas On Wednesday, October 14, 2015, Manfred Rosenboom <mar...@gmail.com> wrote: > Hi, > > I want to use my H2 TCP database server with SSL. Basically I start my > server with the following command > > java -server -classpath ./h2-1.4.190.jar -Dh2.enableAnonymousTLS=true > org.h2.tools.Server -tcp -tcpSSL -tcpAllowOthers -tcpPort 28001 > -tcpPassword secret > > and get the following start message: > > TCP server running at ssl://172.17.32.96:28001 (others can connect) > > The server is now running but neither I can access or shutdown the server. > For shutdown I use the following command: > > java -classpath ./h2-1.4.190.jar org.h2.tools.Server -tcpShutdown > ssl://localhost:28001 -tcpShutdownForce -tcpPassword secret > > and get the following messages; > > Shutting down TCP Server at ssl://localhost:28001 > Exception in thread "main" org.h2.jdbc.JdbcSQLException: Connection is > broken: "javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target: localhost:28001" [90067-190] > at > org.h2.message.DbException.getJdbcSQLException(DbException.java:345) > at org.h2.message.DbException.get(DbException.java:168) > at > org.h2.engine.SessionRemote.connectServer(SessionRemote.java:452) > at > org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:329) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:107) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:91) > at org.h2.Driver.connect(Driver.java:72) > ... > > Wiht JetBRains 0xDBE I use the following URL > > jdbc:h2:ssl://sles11Manfred2:28001/database > > and get the following error message: > > Connection to H2 - sles11Manfred2 failed > java.sql.SQLException: Verbindung ist unterbrochen: > "javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target: sles11Manfred2:28001" > Connection is broken: "javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target: sles11Manfred2:28001" > [90067-190] > at org.h2.message.DbException.getJdbcSQLException(DbException.java:345) > at org.h2.message.DbException.get(DbException.java:168) > at org.h2.engine.SessionRemote.connectServer(SessionRemote.java:452) > at > org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:329) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:107) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:91) > at org.h2.Driver.connect(Driver.java:72) > > > IMHO access to the H2 TCP SSL server should also be possible without > certificates (just encrypt the connection). Is this really possible? > > If yes: what is wrong in my settings? > > If no: of course I can create a keystore and truststore for the server, > but: how can I couple a client certificate to a database user in this case? > Using user and pasword after sending by client certifcate doesn't make much > sense in my opinion. > > Best > Manfred > > -- > You received this message because you are subscribed to the Google Groups > "H2 Database" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to h2-database+unsubscr...@googlegroups.com > <javascript:_e(%7B%7D,'cvml','h2-database%2bunsubscr...@googlegroups.com');> > . > To post to this group, send email to h2-database@googlegroups.com > <javascript:_e(%7B%7D,'cvml','h2-database@googlegroups.com');>. > Visit this group at http://groups.google.com/group/h2-database. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "H2 Database" group. To unsubscribe from this group and stop receiving emails from it, send an email to h2-database+unsubscr...@googlegroups.com. To post to this group, send email to h2-database@googlegroups.com. Visit this group at http://groups.google.com/group/h2-database. For more options, visit https://groups.google.com/d/optout.
