Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-882

TLS connection parameters are ignored in properties and must be set in URL

    XMLWordPrintable

    Details

      Description

      Currently, TLS parameters must be set in the connection URL. If you try to set them in a Properties object, the connection attempt will fail.

      For example, this test program successfully connects:

      import java.sql.*;
      import java.util.Properties;
       
      public class MariaDB_Connection_Test {
       
         // Main Process
         public static void main(String[] args) {
            Connection conn = null;
       
            try {
       
               Properties connProperties = new Properties();
       
               connProperties.put("user", "my_user");
               connProperties.put("password", "my_passwd");
       
               // Establish the Connection
               conn = DriverManager.getConnection(
                  "jdbc:mariadb://geoff-test-repl.my-proj.instance.skysql.net:5001/?useSSL=true&serverSslCert=/home/geoff/Downloads/tls_chain.pem",
                  connProperties);
       
               // Use the connection
               // ...
            }
            catch (Exception e) {
       
               // Report Exception
               e.printStackTrace();
            }
         }
      }
      

      But this test program fails to connect:

      import java.sql.*;
      import java.util.Properties;
       
      public class MariaDB_Connection_Test {
       
         // Main Process
         public static void main(String[] args) {
            Connection conn = null;
       
            try {
       
               Properties connProperties = new Properties();
       
               connProperties.put("user", "my_user");
               connProperties.put("password", "my_passwd");
               connProperties.put("useSSL", true);
               connProperties.put("serverSslCert", "/home/geoff/Downloads/stage_chain.pem");
       
               // Establish the Connection
               conn = DriverManager.getConnection(
                  "jdbc:mariadb://geoff-test-repl.my-proj.instance.skysql.net:5001/",
                  connProperties);
       
               // Use the connection
               // ...
            }
            catch (Exception e) {
       
               // Report Exception
               e.printStackTrace();
            }
         }
      }
      

      The stack trace is:

      java.sql.SQLInvalidAuthorizationSpecException: Could not connect to address=(geoff-test-repl.my-proj.instance.skysql.net)(port=5001)(type=master) : (conn=89) Access denied for user 'my_user'@'10.87.0.97' (using password: YES)
      Current charset is UTF-8. If password has been set using other charset, consider using option 'passwordCharacterEncoding'
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.createException(ExceptionFactory.java:66)
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.create(ExceptionFactory.java:192)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connectWithoutProxy(AbstractConnectProtocol.java:1392)
      	at org.mariadb.jdbc.internal.util.Utils.retrieveProxy(Utils.java:635)
      	at org.mariadb.jdbc.MariaDbConnection.newConnection(MariaDbConnection.java:150)
      	at org.mariadb.jdbc.Driver.connect(Driver.java:89)
      	at java.sql.DriverManager.getConnection(DriverManager.java:664)
      	at java.sql.DriverManager.getConnection(DriverManager.java:208)
      	at MariaDB_Connection_Test.main(MariaDB_Connection_Test.java:24)
      Caused by: java.sql.SQLInvalidAuthorizationSpecException: (conn=89) Access denied for user 'my_user'@'10.87.0.97' (using password: YES)
      Current charset is UTF-8. If password has been set using other charset, consider using option 'passwordCharacterEncoding'
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.createException(ExceptionFactory.java:66)
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.create(ExceptionFactory.java:187)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.authenticationHandler(AbstractConnectProtocol.java:767)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.createConnection(AbstractConnectProtocol.java:553)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connectWithoutProxy(AbstractConnectProtocol.java:1387)
      	... 6 more
      

      This seems to apply to the following TLS parameters at least, but I have not tested every TLS parameter:

      • useSSL
      • serverSslCert
      • trustServerCertificate

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              diego dupin Diego Dupin
              Reporter:
              GeoffMontee Geoff Montee
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Git Integration