Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-882

TLS connection parameters are ignored in properties and must be set in URL

    XMLWordPrintable

Details

    Description

      Currently, TLS parameters must be set in the connection URL. If you try to set them in a Properties object, the connection attempt will fail.

      For example, this test program successfully connects:

      import java.sql.*;
      import java.util.Properties;
       
      public class MariaDB_Connection_Test {
       
         // Main Process
         public static void main(String[] args) {
            Connection conn = null;
       
            try {
       
               Properties connProperties = new Properties();
       
               connProperties.put("user", "my_user");
               connProperties.put("password", "my_passwd");
       
               // Establish the Connection
               conn = DriverManager.getConnection(
                  "jdbc:mariadb://geoff-test-repl.my-proj.instance.skysql.net:5001/?useSSL=true&serverSslCert=/home/geoff/Downloads/tls_chain.pem",
                  connProperties);
       
               // Use the connection
               // ...
            }
            catch (Exception e) {
       
               // Report Exception
               e.printStackTrace();
            }
         }
      }
      

      But this test program fails to connect:

      import java.sql.*;
      import java.util.Properties;
       
      public class MariaDB_Connection_Test {
       
         // Main Process
         public static void main(String[] args) {
            Connection conn = null;
       
            try {
       
               Properties connProperties = new Properties();
       
               connProperties.put("user", "my_user");
               connProperties.put("password", "my_passwd");
               connProperties.put("useSSL", true);
               connProperties.put("serverSslCert", "/home/geoff/Downloads/stage_chain.pem");
       
               // Establish the Connection
               conn = DriverManager.getConnection(
                  "jdbc:mariadb://geoff-test-repl.my-proj.instance.skysql.net:5001/",
                  connProperties);
       
               // Use the connection
               // ...
            }
            catch (Exception e) {
       
               // Report Exception
               e.printStackTrace();
            }
         }
      }
      

      The stack trace is:

      java.sql.SQLInvalidAuthorizationSpecException: Could not connect to address=(geoff-test-repl.my-proj.instance.skysql.net)(port=5001)(type=master) : (conn=89) Access denied for user 'my_user'@'10.87.0.97' (using password: YES)
      Current charset is UTF-8. If password has been set using other charset, consider using option 'passwordCharacterEncoding'
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.createException(ExceptionFactory.java:66)
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.create(ExceptionFactory.java:192)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connectWithoutProxy(AbstractConnectProtocol.java:1392)
      	at org.mariadb.jdbc.internal.util.Utils.retrieveProxy(Utils.java:635)
      	at org.mariadb.jdbc.MariaDbConnection.newConnection(MariaDbConnection.java:150)
      	at org.mariadb.jdbc.Driver.connect(Driver.java:89)
      	at java.sql.DriverManager.getConnection(DriverManager.java:664)
      	at java.sql.DriverManager.getConnection(DriverManager.java:208)
      	at MariaDB_Connection_Test.main(MariaDB_Connection_Test.java:24)
      Caused by: java.sql.SQLInvalidAuthorizationSpecException: (conn=89) Access denied for user 'my_user'@'10.87.0.97' (using password: YES)
      Current charset is UTF-8. If password has been set using other charset, consider using option 'passwordCharacterEncoding'
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.createException(ExceptionFactory.java:66)
      	at org.mariadb.jdbc.internal.util.exceptions.ExceptionFactory.create(ExceptionFactory.java:187)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.authenticationHandler(AbstractConnectProtocol.java:767)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.createConnection(AbstractConnectProtocol.java:553)
      	at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connectWithoutProxy(AbstractConnectProtocol.java:1387)
      	... 6 more
      

      This seems to apply to the following TLS parameters at least, but I have not tested every TLS parameter:

      • useSSL
      • serverSslCert
      • trustServerCertificate

      Attachments

        Issue Links

          Activity

            People

              diego dupin Diego Dupin
              GeoffMontee Geoff Montee (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.