MSsql jdbc Using Encrypt=true does not work
search cancel

MSsql jdbc Using Encrypt=true does not work

book

Article ID: 405009

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Unable to setup encryption  the JDBC connection:

jdbc:sqlserver://mysqlserver:1433;Database=name;Encrypt=false

It is possible to set:

Encrypt=true;TrustServerCertificate=false;

However, when setting TrustServerCertificate=false, it is also necessary to configure the hostNameInCertificate parameter.

Do we need to import the server's certificate in the gateway certificate store ?

 

Resolution

The MSsql jdbc driver is not capable to retrieve the certs from the gateway certificate store , it will try to validate against the default java certs file

Import the MSsql server cert to the cacerts file with the following example.

/opt/SecureSpan/JDK/bin/keytool -importcert -file MSsql.crt -keystore /opt/SecureSpan/JDK/lib/security/cacerts -trustcacerts -alias MSsql