Uploaded image for project: 'ActiveMQ'
  1. ActiveMQ
  2. AMQ-6836

JVM trustStore does not propagate to JDBC

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 5.15.1
    • None
    • JDBC
    • None

    Description

      When configuring ActiveMQ to use JDBC and MySQL with SSL the JVMs trustStore does not propagate to the MySQL driver.

      Neither the JVMs default trustStore jre/lib/security/cacerts nor if you configure a trustStore with -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts will be used when connecting to MySQL.

      For it to work you have to configure it with trustCertificateKeyStoreUrl=file:///etc/ssl/certs/java/cacerts in the JDBC URL.

      We have tested to write code which both uses plain JDBC and DBCP and both of those works by using the default cacert-file and one specified with -Djavax.net.ssl.trustStore.

      Example code:

      import java.io.IOException;
      import java.sql.Connection;
      import java.sql.DriverManager;
      import java.sql.ResultSet;
      import java.sql.SQLException;
      import java.sql.Statement;
      import org.apache.commons.dbcp2.BasicDataSource;
      import javax.sql.DataSource;
      
      public class Launcher {
        public static void main(String[] args) throws SQLException, ClassNotFoundException {
          StringBuffer sb = new StringBuffer("jdbc:mysql://hostname/database?useSSL=true&");
          sb.append("useJDBCCompliantTimezoneShift=true&requireSSL=true&verifyServerCertificate=true&connectTimeout=5000&socketTimeout=5000&queryTimeoutKillsConnection=true&");
          sb.append("poolPreparedStatements=true&validationQuery=select 1&");
          // sb.append("trustCertificateKeyStorePassword=changeit&");
          // sb.append("trustCertificateKeyStoreUrl=file:///etc/ssl/certs/java/cacerts&");
          sb.append("user=user&password=password");
      
          DataSource dataSource = setupDataSource(sb.toString());
          Connection c = dataSource.getConnection();
      
          Statement st = c.createStatement();
          ResultSet rs = st.executeQuery("SELECT 1 as id");
          while (rs.next()) {
            System.out.println(rs.getInt("id"));
          }
          rs.close(); st.close(); c.close();
      
        }
        public static DataSource setupDataSource(String connectURI) {
          BasicDataSource ds = new BasicDataSource();
          ds.setDriverClassName("com.mysql.jdbc.Driver");
          ds.setUrl(connectURI);
          return ds;
        }
      }
      

      Attachments

        Activity

          People

            Unassigned Unassigned
            simmel Simon Lundstrom
            Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: