Michael,
On 2/8/24 21:54, Kebret, Michael wrote:
Tomcat version 9.0.83 running on Linux redhat 7 java 11.0.20.
When changing the protocol from TCP to TCPS in Catalina.properties
and in server.xml we have attribute truststorePassword= (tested with
both cleartext and encrypted) password connection is refused to the
DB and get the below exceptions. However, when we add
-Djavax.net.ssl.trustStorePassword=cleartext to setenv.sh the
connection is made successfully. Wanted to see if anyone has faced
something similar or have any suggestions on how I can get TCPS
working without having to use -D option in setenv.sh >
java.sql.SQLException: Unable to start the Universal Connection Pool:
oracle.ucp.UniversalConnectionPoolException: Cannot get Connection
from Datasource: java.sql.SQLRecoverableException: IO Error: The
Network Adapter could not establish the connection
You probably do not want to set a JVM-wide default trust store password.
Instead, you probably want to use your JDBC connection URL to pass the
trust store location and password directly to the driver.
Something like
jdbc:oracle:thin:@//[HOST][:PORT]/SERVICE?truststore=/etc/myapp/db.p12&trustStorePassword=changeit
Have a look at
https://docs.oracle.com/cd/E13222_01/wls/docs81/jdbc_drivers/oracle.html#1066413
for inspiration. I'm not sure if this is the driver you are using or not.
I don't see anything in there that applies. :(
Perhaps Oracle's driver really does require that you use JVM-wide trust
store and password? Super-yuck.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
