I'm using Tomcat 6.0.29 version with Java 1.6.0_45 on Windows server 2008 and started noticing SSL related information in Catalina logs recently. >From the logs it looks like SSL is getting enabled for JDBC. Any help to understand why the below information shows up in catalina logs would be much appreciated? There is nothing that got changed in the JDBC datasource configuration recently and the application uses SQL server 2008.
>From catalina.log Oct 31, 2016 10:18:26 AM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL INFO: java.security path: C:\Program Files\Java\jre6\lib\security Security providers: [SUN version 1.6, SunRsaSign version 1.5, SunJSSE version 1.6, SunJCE version 1.6, SunJGSS version 1.0, SunSASL version 1.5, XMLDSig version 1.0, SunPCSC version 1.6, SunMSCAPI version 1.6] SSLContext provider info: Sun JSSE provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1) SSLContext provider services: [SunJSSE: KeyFactory.RSA -> sun.security.rsa.RSAKeyFactory aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE: KeyPairGenerator.RSA -> sun.security.rsa.RSAKeyPairGenerator aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE: Signature.MD2withRSA -> sun.security.rsa.RSASignature$MD2withRSA aliases: [1.2.840.113549.1.1.2, OID.1.2.840.113549.1.1.2] , SunJSSE: Signature.MD5withRSA -> sun.security.rsa.RSASignature$MD5withRSA aliases: [1.2.840.113549.1.1.4, OID.1.2.840.113549.1.1.4] , SunJSSE: Signature.SHA1withRSA -> sun.security.rsa.RSASignature$SHA1withRSA aliases: [1.2.840.113549.1.1.5, OID.1.2.840.113549.1.1.5, 1.3.14.3.2.29, OID.1.3.14.3.2.29] , SunJSSE: Signature.MD5andSHA1withRSA -> com.sun.net.ssl.internal.ssl.RSASignature , SunJSSE: KeyManagerFactory.SunX509 -> com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509 , SunJSSE: KeyManagerFactory.NewSunX509 -> com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$X509 , SunJSSE: TrustManagerFactory.SunX509 -> com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$SimpleFactory , SunJSSE: TrustManagerFactory.PKIX -> com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl$PKIXFactory aliases: [SunPKIX, X509, X.509] , SunJSSE: SSLContext.SSL -> com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE: SSLContext.SSLv3 -> com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE: SSLContext.TLS -> com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE: SSLContext.TLSv1 -> com.sun.net.ssl.internal.ssl.SSLContextImpl , SunJSSE: SSLContext.Default -> com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl , SunJSSE: KeyStore.PKCS12 -> com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore ] java.ext.dirs: C:\Program Files\Java\jre6\lib\ext;C:\Windows\Sun\Java\lib\ext And sometimes, there are warnings in the catalina logs about DB connection pool initialization and the application would not be able to connect to databases until another Tomcat restart. Oct 31, 2016 10:18:26 AM org.apache.naming.NamingContext lookup WARNING: Unexpected exception resolving reference org.apache.tomcat.dbcp.dbcp.SQLNestedException: Error preloading the connection pool at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1398) at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getLogWriter(BasicDataSource.java:1098) at org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory.createDataSource(BasicDataSourceFactory.java:350) at org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory.getObjectInstance(BasicDataSourceFactory.java:156) at org.moss.jdj.dbcp.EncryptedDataSourceFactory.getObjectInstance(EncryptedDataSourceFactory.java:25) ............ at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server returned an incomplete response. The connection has been closed.". at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1352) at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1533) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1042) at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:817) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:700) at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:842) at org.apache.tomcat.dbcp.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:38) at org.apache.tomcat.dbcp.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:582) at org.apache.tomcat.dbcp.pool.impl.GenericObjectPool.addObject(GenericObjectPool.java:1617) at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1395) ... 37 more Caused by: java.io.IOException: SQL Server returned an incomplete response. The connection has been closed. at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.ensureSSLPayload(IOBuffer.java:607) at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.readInternal(IOBuffer.java:664) at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.read(IOBuffer.java:656) at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.readInternal(IOBuffer.java:851) at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.read(IOBuffer.java:839) at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source) at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1483) ... 45 more Cheers! Mohan *Mohankumar Muthusamy*
