Виртуальная машина Azure не может подключиться к службе SQL Azure
Я получаю приведенную ниже ошибку SSL от службы SonarQube, которую я запускаю на виртуальной машине Azure с использованием экземпляра Azure SQL Server, который определяется отдельно на портале Azure (а не внутри виртуальной машины). Есть ли какая-то конфигурация, которую мне не хватает в настройке SSL-сертификата? Я могу подключиться к этой базе данных с моего локального компьютера.
java.lang.IllegalStateException: Can not connect to database. Please check connectivity and settings (see the properties prefixed by 'sonar.jdbc.').
at org.sonar.db.DefaultDatabase.checkConnection(DefaultDatabase.java:104) ~[sonar-db-5.4.jar:na]
at org.sonar.db.DefaultDatabase.start(DefaultDatabase.java:71) ~[sonar-db-5.4.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_91]
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_91]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_91]
at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.8.0_91]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:312) ~[sonar-core-5.4.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:134) ~[sonar-core-5.4.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.Platform.start(Platform.java:214) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.Platform.startLevel1Container(Platform.java:173) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.Platform.init(Platform.java:90) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:43) ~[sonar-server-5.4.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.30.jar:8.0.30]
at java.util.concurrent.FutureTask.run(Unknown Source) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_91]
at java.lang.Thread.run(Unknown Source) [na:1.8.0_91]
Caused by: org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "java.security.cert.CertificateException: Failed to validate the server name in a certificate during Secure Sockets Layer (SSL) initialization.". ClientConnectionId:7d086664-7bbe-4c9f-aff7-bb459fd5ba20)
at org.apache.commons.dbcp.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:1549) ~[commons-dbcp-1.4.jar:1.4]
at org.apache.commons.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1388) ~[commons-dbcp-1.4.jar:1.4]
at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044) ~[commons-dbcp-1.4.jar:1.4]
at org.sonar.db.profiling.NullConnectionInterceptor.getConnection(NullConnectionInterceptor.java:31) ~[sonar-db-5.4.jar:na]
at org.sonar.db.profiling.ProfiledDataSource.getConnection(ProfiledDataSource.java:323) ~[sonar-db-5.4.jar:na]
at org.sonar.db.DefaultDatabase.checkConnection(DefaultDatabase.java:102) ~[sonar-db-5.4.jar:na]
... 30 common frames omitted
Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "java.security.cert.CertificateException: Failed to validate the server name in a certificate during Secure Sockets Layer (SSL) initialization.". ClientConnectionId:7d086664-7bbe-4c9f-aff7-bb459fd5ba20
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1668) ~[sqljdbc41.jar:na]
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1668) ~[sqljdbc41.jar:na]
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1324) ~[sqljdbc41.jar:na]
at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:992) ~[sqljdbc41.jar:na]
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:828) ~[sqljdbc41.jar:na]
at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1012) ~[sqljdbc41.jar:na]
at org.apache.commons.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:38) ~[commons-dbcp-1.4.jar:1.4]
at org.apache.commons.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:582) ~[commons-dbcp-1.4.jar:1.4]
at org.apache.commons.dbcp.BasicDataSource.validateConnectionFactory(BasicDataSource.java:1556) ~[commons-dbcp-1.4.jar:1.4]
at org.apache.commons.dbcp.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:1545) ~[commons-dbcp-1.4.jar:1.4]
... 35 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Failed to validate the server name in a certificate during Secure Sockets Layer (SSL) initialization.
at sun.security.ssl.Alerts.getSSLException(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.Handshaker.fatalSE(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.Handshaker.fatalSE(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.Handshaker.processLoop(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.Handshaker.process_record(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) ~[na:1.8.0_91]
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) ~[na:1.8.0_91]
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1618) ~[sqljdbc41.jar:na]
... 43 common frames omitted
Caused by: java.security.cert.CertificateException: Failed to validate the server name in a certificate during Secure Sockets Layer (SSL) initialization.
at com.microsoft.sqlserver.jdbc.TDSChannel$HostNameOverrideX509TrustManager.validateServerNameInCertificate(IOBuffer.java:1431) ~[sqljdbc41.jar:na]
at com.microsoft.sqlserver.jdbc.TDSChannel$HostNameOverrideX509TrustManager.checkServerTrusted(IOBuffer.java:1324) ~[sqljdbc41.jar:na]
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source) ~[na:1.8.0_91]
... 52 common frames omitted
1 ответ
Похоже, что проблема была вызвана тем, что вы в настоящее время использовали версию Jd bc MS SQL Server, которая является низкой.
Пожалуйста, попробуйте скачать отсюда версию jdbc для SQL Server, которая выше, чем версия 4.0, вместо вашей текущей.
Вы можете обратиться к документу Соединение с шифрованием SSL для настройки строки соединения jdbc с шифрованием SSL.
Существовал аналогичный поток SO, на который вы можете сослаться, см. Раздел "Исключение сертификата" при подключении к Azure SQL с JDBC со строкой подключения по умолчанию (которую консоль управления говорит использовать).