【Question title】: Creating an ssl connection to oracle db with Java
【Posted】: 2019-05-13 20:47:37
【Question description】:

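I am trying to connect to an Oracle database using Java and SSL. Right now, I have the Java program installed on the server with the database.

When I try to run it I get this error (full error in the comments):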

java.sql.SQLRecoverableException: IO Error: Inbound closed before receiving peer's close_notify: possible truncation attack?, connect lapse 15 ms., Authentication lapse 0 ms.

Here is my java code:

import java.security.Security;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;

public class Main {
    public static void main(String[] args) {
        // Register Oracle's PKI provider so the SSO wallet format can be read
        Security.addProvider(new oracle.security.pki.OraclePKIProvider());
        String url = "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=localhost)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=ORCL)))";
        Properties props = new Properties();
        // The same cwallet.sso file is used as both trust store and key store
        props.setProperty("javax.net.ssl.trustStore",
                "C:\\app\\Administrator\\virtual\\product\\12.2.0\\dbhome_1\\bin\\wallets\\Administrator\\cwallet.sso");
        props.setProperty("javax.net.ssl.trustStoreType", "SSO");
        props.setProperty("javax.net.ssl.keyStore",
                "C:\\app\\Administrator\\virtual\\product\\12.2.0\\dbhome_1\\bin\\wallets\\Administrator\\cwallet.sso");
        props.setProperty("javax.net.ssl.keyStoreType", "SSO");
        try {
            Connection conn = DriverManager.getConnection(url, props);
        } catch (SQLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }
}

I added this to listener.ora and tnsnames.ora (I also tried using the sso file and only linking to the directory)

WALLET_LOCATION=(SOURCE=(METHOD=FILE) (METHOD_DATA=(DIRECTORY=C:\app\Administrator\virtual\product\12.2.0\dbhome_1\bin\wallets\Administrator\ewallet.p12 ))
SSL_CLIENT_AUTHENTICATION=TRUE

I also added this to java.security:

security.provider.11=oracle.security.pki.OraclePKIProvider

edit: I didn't realize the length limit on comments was so short. Here is the full error:

Caused by: java.io.IOException: Inbound closed before receiving peer's close_notify: possible truncation attack?, connect lapse 11 ms., Authentication lapse 0 ms.
    at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:790)
    ... 6 more
Caused by: java.io.IOException: Inbound closed before receiving peer's close_notify: possible truncation attack?, connect lapse 11 ms.
    at oracle.net.ns.NSProtocolNIO.negotiateConnection(NSProtocolNIO.java:138)
    at oracle.net.ns.NSProtocol.connect(NSProtocol.java:317)
    at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1438)
    at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:518)
    ... 6 more
Caused by: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
    at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
    at sun.security.ssl.SSLEngineImpl.closeInbound(Unknown Source)
    at oracle.net.nt.SSLSocketChannel.fill(SSLSocketChannel.java:534)
    at oracle.net.nt.SSLSocketChannel.unwrap(SSLSocketChannel.java:434)
    at oracle.net.nt.SSLSocketChannel.handshake(SSLSocketChannel.java:350)
    at oracle.net.nt.SSLSocketChannel.write(SSLSocketChannel.java:238)
    at oracle.net.ns.NIOPacket.writeToSocketChannel(NIOPacket.java:211)
    at oracle.net.ns.NIOConnectPacket.writeToSocketChannel(NIOConnectPacket.java:232)
    at oracle.net.ns.NSProtocolNIO.negotiateConnection(NSProtocolNIO.java:108)
    ... 9 more

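【Comments】:

  • Which version of Oracle, which version of the Oracle JDBC driver, which version of Java (full versions for all, please)
  • @Mark Oracle version: 12.2.0.1.0 OJDBC: 12.2.0.1 Java: 1.8.0_191
  • Were you able to solve this? I am facing the same problem too

Tags: java oracle ssl jdbc ojdbc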


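【Solution 1】:

Can you make sure you have oraclepki.jar, osdt_core.jar, and osdt_cert.jar in the classpath? You don't need to use the keystore and truststore properties. Use oracle.net.wallet_location and oracle.net.ssl_server_dn_match=true. Check out the blog for more details.

【Comments】:

  • Thanks, I do have them in the classpath. Do you know if there is a way to set wallet_location and ssl_server_dn_match in the java code? I would rather avoid setting up a script to run it if I can.
  • Yes, you can set them as connection properties. See DataSourceForJKS (github.com/oracle/oracle-db-examples/blob/master/java/jdbc/…) for reference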
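
The two properties from the answer, set as connection properties in Java as the last comment suggests, followed by a query that confirms the session really runs over TLS. This is an added example, not code from the original post or from Oracle's DataSourceForJKS sample; the class name, the wallet directory placeholder and the DB_USER / DB_PASSWORD environment variables are assumptions.

```java
import java.security.Security;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Properties;

public class WalletTcpsConnect {
    // Assumption: placeholder for the directory that holds cwallet.sso.
    static final String WALLET_DIR = "C:\\path\\to\\wallet_dir";

    /** Builds the driver properties named in the answer; no javax.net.ssl.* keys are set. */
    static Properties walletProperties(String walletDir) {
        Properties props = new Properties();
        // DIRECTORY is the folder containing the wallet, not the .sso or .p12 file itself.
        props.setProperty("oracle.net.wallet_location",
                "(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=" + walletDir + ")))");
        // Fail the handshake unless the server certificate's DN matches the target host.
        props.setProperty("oracle.net.ssl_server_dn_match", "true");
        // Assumption: password login; omit both variables for a certificate-identified user.
        String user = System.getenv("DB_USER");
        String password = System.getenv("DB_PASSWORD");
        if (user != null && password != null) {
            props.setProperty("user", user);
            props.setProperty("password", password);
        }
        return props;
    }

    public static void main(String[] args) {
        // As in the question: needs oraclepki.jar, osdt_core.jar and osdt_cert.jar on the classpath.
        Security.addProvider(new oracle.security.pki.OraclePKIProvider());
        String url = "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=localhost)"
                + "(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=ORCL)))";
        try (Connection conn = DriverManager.getConnection(url, walletProperties(WALLET_DIR));
             Statement st = conn.createStatement();
             ResultSet rs = st.executeQuery(
                     "SELECT SYS_CONTEXT('USERENV','NETWORK_PROTOCOL') FROM dual")) {
            rs.next();
            String protocol = rs.getString(1);
            // An encrypted listener endpoint reports "tcps"; anything else means no TLS.
            System.out.println("network protocol: " + protocol);
            if (!"tcps".equalsIgnoreCase(protocol)) {
                throw new IllegalStateException("session is not using TCPS");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}
```

With ssl_server_dn_match enabled and HOST=localhost, the connection is rejected unless the server certificate was issued for that name, so connect by the host name that appears in the certificate.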