Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-2795

Unable to bring up server with SSL peer authentication enabled

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 10.3.1.4
    • 10.3.1.4
    • Network Server
    • None
    • Normal

    Description

      I was able to bring up the server with basic SSL support (-ssl basic). The server came up and printed this diagnostic:

      Apache Derby Network Server - 10.3.0.0 alpha - (545529M) started and ready to accept SSL connections on port 8246 at 2007-06-08 19:11:51.449 GMT

      However, when I brought up the server with SSL peer authentication (-ssl authenticate), the server came up without printing out an SSL diagnostic. I was able to connect to the server from a client which did not request ssl on the connection URL. I was able to shutdown the server without specifying an ssl option on the shutdown command line. Here is the command I used to bring up the network server with SSL peer authentication:

      java \
      -Dderby.connection.requireAuthentication=true \
      -Dderby.authentication.provider=BUILTIN \
      -Dderby.user.\"rick\"=rickspassword \
      -Dderby.database.sqlAuthorization=true \
      -Djavax.net.ssl.keyStore=/export/home/rh161140/derby/keystores/serverKeyStore.key \
      -Djavax.net.ssl.keyStorePassword=serverKeystorePassword \
      -Djavax.net.ssl.trustStore=/export/home/rh161140/derby/keystores/serverKeyStore.key \
      -Djavax.net.ssl.trustStorePassword=serverKeystorePassword \
      org.apache.derby.drda.NetworkServerControl start -p 8246 -ssl peerAuthenticate

      Attachments

        1. DERBY-2795-code-bug.diff
          3 kB
          Bernt Johnsen
        2. DERBY-2795-code-bug.stat
          0.1 kB
          Bernt Johnsen
        3. DERBY-2795-doc-bug.diff
          0.5 kB
          Bernt Johnsen

        Issue Links

          Activity

            People

              bernt Bernt Johnsen
              rhillegas Richard N. Hillegas
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: