JDBC connection to SQL Server fails with error: "The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption"

1. Environment

  • IDE: IDEA
  • JDK: Java 1.8
  • SQL Server version: SQL Server 2008

2. The specific error message

2019-09-16 17:43:11 [Druid-ConnectionPool-Create-847839957] ERROR c.a.d.p.DruidDataSource - create connection SQLException, url: jdbc:sqlserver://localhost;DatabaseName=PT_STORE_HLW, errorCode 0, state 08S01
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed. ClientConnectionId:22dc49b0-221d-4a51-9a84-8d507658df6e".
	at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1667)
	at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1668)
	at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1323)
	at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:991)
	at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:827)
	at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1012)
	at com.alibaba.druid.filter.FilterChainImpl.connection_connect(FilterChainImpl.java:156)
	at com.alibaba.druid.filter.stat.StatFilter.connection_connect(StatFilter.java:218)
	at com.alibaba.druid.filter.FilterChainImpl.connection_connect(FilterChainImpl.java:150)
	at com.alibaba.druid.pool.DruidAbstractDataSource.createPhysicalConnection(DruidAbstractDataSource.java:1560)
	at com.alibaba.druid.pool.DruidAbstractDataSource.createPhysicalConnection(DruidAbstractDataSource.java:1623)
	at com.alibaba.druid.pool.DruidDataSource$CreateConnectionThread.run(DruidDataSource.java:2468)
Caused by: java.io.IOException: SQL Server 未返回响应。连接已关闭。 ClientConnectionId:22dc49b0-221d-4a51-9a84-8d507658df6e
	at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.ensureSSLPayload(IOBuffer.java:651)
	at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.readInternal(IOBuffer.java:708)
	at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.read(IOBuffer.java:700)
	at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.readInternal(IOBuffer.java:895)
	at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.read(IOBuffer.java:883)
	at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
	at sun.security.ssl.InputRecord.read(InputRecord.java:503)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
	at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1618)
	... 10 common frames omitted

 

Resolution process:

  Searching on Baidu, some posts say the problem is caused by JDK 1.6, but I am using JDK 1.8.

  Others say that two JAR files are missing from the JRE; I tried this and it was not the cause.

Solution:

On JDK 8 and earlier, edit the /lib/security/java.security file and remove 3DES_EDE_CBC from the jdk.tls.legacyAlgorithms security property.
The official documentation states: Note that this is a low-risk change. It is unlikely to cause a regression, because it only affects the order in which algorithms are negotiated. If no other non-legacy algorithm is available, 3DES will still be used (if it is on the legacy algorithm list).

Below, 3DES_EDE_CBC is removed from java.security in the JDK so that JDBC can connect to SQL Server.

Java 8 disables the cipher suite "SSL_RSA_WITH_3DES_EDE_CBC_SHA" by default.
To connect successfully, "SSL_RSA_WITH_3DES_EDE_CBC_SHA" has to be enabled. The answer I found is:
Open the security policy file java.security in the folder (JAVA_HOME)/jre/lib/security
and modify the jdk.tls.disabledAlgorithms option.
Default value of jdk.tls.disabledAlgorithms in Java 8:
jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC

To enable SSL_RSA_WITH_3DES_EDE_CBC_SHA, comment out 3DES_EDE_CBC:

Default value of jdk.tls.disabledAlgorithms in Java 8, with 3DES_EDE_CBC commented out:
jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40
#,3DES_EDE_CBC
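
Editing java.security changes the TLS policy for every application that runs on that JDK. The following added example (not code from the original post) prints the two security properties discussed above, reports whether the JVM actually offers SSL_RSA_WITH_3DES_EDE_CBC_SHA, and can lift the 3DES restriction for the current process only. The class name TlsPolicyCheck and the --allow-3des flag are hypothetical names chosen for this example.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

// Added example, not from the original post.
public class TlsPolicyCheck {
    static final String ALG = "3DES_EDE_CBC";
    static final String SUITE = "SSL_RSA_WITH_3DES_EDE_CBC_SHA";

    // Split a java.security algorithm list ("A, B keySize < 1024, C") into entries.
    static List<String> entries(String value) {
        List<String> out = new ArrayList<>();
        if (value == null) return out;
        for (String e : value.split(",")) {
            if (!e.trim().isEmpty()) out.add(e.trim());
        }
        return out;
    }

    // Return the list with 3DES_EDE_CBC removed; every other restriction stays in force.
    static String without3des(String value) {
        List<String> kept = entries(value);
        kept.removeIf(e -> e.equalsIgnoreCase(ALG));
        return String.join(", ", kept);
    }

    public static void main(String[] args) throws Exception {
        String disabled = Security.getProperty("jdk.tls.disabledAlgorithms");
        System.out.println("jdk.tls.disabledAlgorithms = " + disabled);
        System.out.println("jdk.tls.legacyAlgorithms   = "
                + Security.getProperty("jdk.tls.legacyAlgorithms"));

        // --allow-3des (hypothetical flag of this example) changes the policy for this
        // process only. It has to happen before the first TLS use, because JSSE reads
        // the property when it initializes.
        if (args.length > 0 && args[0].equals("--allow-3des")) {
            Security.setProperty("jdk.tls.disabledAlgorithms", without3des(disabled));
        }

        // Cipher suites the default SSLContext enables after the policy is applied.
        SSLParameters p = SSLContext.getDefault().getDefaultSSLParameters();
        boolean offered = Arrays.asList(p.getCipherSuites()).contains(SUITE);
        System.out.println(SUITE + " offered by this JVM: " + offered);
    }
}
```

Run it once without arguments to see the effective policy of the JDK, and once with --allow-3des to confirm that removing the single entry is what makes the suite available.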

 


Origin www.cnblogs.com/blsz/p/11530380.html