【发布时间】:2014-08-01 11:37:41
【问题描述】:
我正在尝试从我通过 SSL 连接到的 MySQL 数据库生成代码。我从建立数据库的人那里得到了 3 个文件(client-cert.pem、client-key.pem、ca-cert.pem)
要使用 Java 连接到数据库,我首先必须解决证书的另一个问题。在http://bugs.mysql.com/bug.php?id=68957 的帮助和"[17 Apr 2013 9:04] Alexander Soklakov" 的帮助下,我设法让 JDBC 连接在我的 Java 代码中按预期工作。
但现在我不知道在 JOOQs library.xml 中的何处配置 SSL。我在哪里提供 *.pem 文件?还是我创建的信任和密钥库?没有配置 SSL 我得到了
Jun 11, 2014 1:53:40 PM org.jooq.tools.JooqLogger info
Information: Initialising properties : ./library.xml
com.mysql.jdbc.CommunicationsException: Communications link failure due to underlying exception:
** BEGIN NESTED EXCEPTION **
javax.net.ssl.SSLException
MESSAGE: Unsupported record version Unknown-0.0
STACKTRACE:
javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
at sun.security.ssl.InputRecord.readV3Record(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:72)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4237)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1222)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:2558)
at com.mysql.jdbc.Connection.<init>(Connection.java:1485)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at org.jooq.util.GenerationTool.run(GenerationTool.java:206)
at org.jooq.util.GenerationTool.main(GenerationTool.java:173)
at org.jooq.util.GenerationTool.main(GenerationTool.java:160)
** END NESTED EXCEPTION **
Last packet sent to the server was 396 ms ago.
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:87)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4237)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1222)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:2558)
at com.mysql.jdbc.Connection.<init>(Connection.java:1485)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at org.jooq.util.GenerationTool.run(GenerationTool.java:206)
at org.jooq.util.GenerationTool.main(GenerationTool.java:173)
at org.jooq.util.GenerationTool.main(GenerationTool.java:160)
Jun 11, 2014 1:53:41 PM org.jooq.tools.JooqLogger error
Schwerwiegend: Cannot read ./library.xml. Error : Communications link failure due to underlying exception:
** BEGIN NESTED EXCEPTION **
javax.net.ssl.SSLException
MESSAGE: Unsupported record version Unknown-0.0
STACKTRACE:
javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
at sun.security.ssl.InputRecord.readV3Record(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:72)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4237)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1222)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:2558)
at com.mysql.jdbc.Connection.<init>(Connection.java:1485)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at org.jooq.util.GenerationTool.run(GenerationTool.java:206)
at org.jooq.util.GenerationTool.main(GenerationTool.java:173)
at org.jooq.util.GenerationTool.main(GenerationTool.java:160)
** END NESTED EXCEPTION **
Last packet sent to the server was 396 ms ago.
com.mysql.jdbc.CommunicationsException: Communications link failure due to underlying exception:
** BEGIN NESTED EXCEPTION **
javax.net.ssl.SSLException
MESSAGE: Unsupported record version Unknown-0.0
STACKTRACE:
javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
at sun.security.ssl.InputRecord.readV3Record(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:72)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4237)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1222)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:2558)
at com.mysql.jdbc.Connection.<init>(Connection.java:1485)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at org.jooq.util.GenerationTool.run(GenerationTool.java:206)
at org.jooq.util.GenerationTool.main(GenerationTool.java:173)
at org.jooq.util.GenerationTool.main(GenerationTool.java:160)
** END NESTED EXCEPTION **
Last packet sent to the server was 396 ms ago.
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:87)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4237)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1222)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:2558)
at com.mysql.jdbc.Connection.<init>(Connection.java:1485)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at org.jooq.util.GenerationTool.run(GenerationTool.java:206)
at org.jooq.util.GenerationTool.main(GenerationTool.java:173)
at org.jooq.util.GenerationTool.main(GenerationTool.java:160)
Jun 11, 2014 1:53:41 PM org.jooq.tools.JooqLogger error
Schwerwiegend: Usage : GenerationTool <configuration-file>
我的库.xml:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<configuration xmlns="http://www.jooq.org/xsd/jooq-codegen-2.5.0.xsd">
<!-- Configure the database connection here -->
<jdbc>
<driver>com.mysql.jdbc.Driver</driver>
<url>jdbc:mysql://server:3306/dbname?useSSL=true&requireSSL=true&verifyServerCertificate=false;</url>
<user>user</user>
<password>pass</password>
</jdbc>
<generator>
<!-- The default code generator. You can override this one, to generate your own code style
Defaults to org.jooq.util.DefaultGenerator -->
<name>org.jooq.util.DefaultGenerator</name>
<database>
<!-- The database type. The format here is:
org.util.[database].[database]Database -->
<name>org.jooq.util.mysql.MySQLDatabase</name>
<!-- The database schema (or in the absence of schema support, in your RDBMS this
can be the owner, user, database name) to be generated -->
<inputSchema>dbname</inputSchema>
<!-- All elements that are generated from your schema (several Java regular expressions, separated by comma)
Watch out for case-sensitivity. Depending on your database, this might be important! -->
<includes>smv_.*</includes>
<!-- All elements that are excluded from your schema (several Java regular expressions, separated by comma).
Excludes match before includes -->
<excludes></excludes>
</database>
<target>
<!-- The destination package of your generated classes (within the destination directory) -->
<packageName>my.package</packageName>
<!-- The destination directory of your generated classes -->
<directory>./src</directory>
</target>
</generator>
</configuration>
当我查看http://www.jooq.org/xsd/jooq-codegen-2.5.0.xsd下的架构时,我也找不到任何提示
现在看来我不得不放弃使用 JOOQ :(
编辑:我使用 Eclipse 生成 JOOQ 代码,如“从 Eclipse 运行代码生成”下的http://www.jooq.org/doc/3.0/manual/code-generation/codegen-configuration/ 中解释的。
【问题讨论】:
-
如果你从其他人那里得到了客户端密钥,你应该把它扔掉。这是不安全的。您应该生成自己的私钥。否则,它无法执行预期的功能。
-
嗨,EJP。我的问题是,我有很大的时间限制,我不能过多地研究数据库主题——我真的不喜欢这样工作,但这次我被困住了。现在我只是想让它工作以保持我的最后期限......我从数据库所有者那里得到这些文件并认为,客户端密钥就像一个密码,我需要使用它。但我会尝试阅读更多关于 SSL 的内容 - 感谢您的提示,我使用错误并且理解错误。没有解决方案,但也是一个非常有价值的信息!