Hi, It works for me with Java 1.6 and 1.7, but I only tested "localhost" as the server name. Does this work for?
Regards, Thomas On Wednesday, October 14, 2015, Manfred Rosenboom <[email protected]> wrote: > Hi, > > I want to use my H2 TCP database server with SSL. Basically I start my > server with the following command > > java -server -classpath ./h2-1.4.190.jar -Dh2.enableAnonymousTLS=true > org.h2.tools.Server -tcp -tcpSSL -tcpAllowOthers -tcpPort 28001 > -tcpPassword secret > > and get the following start message: > > TCP server running at ssl://172.17.32.96:28001 (others can connect) > > The server is now running but neither I can access or shutdown the server. > For shutdown I use the following command: > > java -classpath ./h2-1.4.190.jar org.h2.tools.Server -tcpShutdown > ssl://localhost:28001 -tcpShutdownForce -tcpPassword secret > > and get the following messages; > > Shutting down TCP Server at ssl://localhost:28001 > Exception in thread "main" org.h2.jdbc.JdbcSQLException: Connection is > broken: "javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target: localhost:28001" [90067-190] > at > org.h2.message.DbException.getJdbcSQLException(DbException.java:345) > at org.h2.message.DbException.get(DbException.java:168) > at > org.h2.engine.SessionRemote.connectServer(SessionRemote.java:452) > at > org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:329) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:107) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:91) > at org.h2.Driver.connect(Driver.java:72) > ... > > Wiht JetBRains 0xDBE I use the following URL > > jdbc:h2:ssl://sles11Manfred2:28001/database > > and get the following error message: > > Connection to H2 - sles11Manfred2 failed > java.sql.SQLException: Verbindung ist unterbrochen: > "javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target: sles11Manfred2:28001" > Connection is broken: "javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target: sles11Manfred2:28001" > [90067-190] > at org.h2.message.DbException.getJdbcSQLException(DbException.java:345) > at org.h2.message.DbException.get(DbException.java:168) > at org.h2.engine.SessionRemote.connectServer(SessionRemote.java:452) > at > org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:329) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:107) > at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:91) > at org.h2.Driver.connect(Driver.java:72) > > > IMHO access to the H2 TCP SSL server should also be possible without > certificates (just encrypt the connection). Is this really possible? > > If yes: what is wrong in my settings? > > If no: of course I can create a keystore and truststore for the server, > but: how can I couple a client certificate to a database user in this case? > Using user and pasword after sending by client certifcate doesn't make much > sense in my opinion. > > Best > Manfred > > -- > You received this message because you are subscribed to the Google Groups > "H2 Database" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <javascript:_e(%7B%7D,'cvml','h2-database%[email protected]');> > . > To post to this group, send email to [email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>. > Visit this group at http://groups.google.com/group/h2-database. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "H2 Database" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/h2-database. For more options, visit https://groups.google.com/d/optout.
