Connection errors to database
43 views
Skip to first unread message
Dave Miles
Apr 26, 2024, 7:20:26 AMApr 26
to pwm-general
Using MS-SQL 2019 I'm receiving the following error which is clearly a certificate error. The DB *is on the local server. Which and where certificates do I need to import to overcome this?
2024-04-26T12:16:38Z, INFO , pwm.PwmApplication, initializing, application mode=CONFIGURATION, applicationPath=D:\PWM, configFile=D:\PWM\PwmConfiguration.xml
2024-04-26T12:16:39Z, INFO , localdb.LocalDBFactory, LocalDB open, db size: 32.43 MB at D:\PWM\LocalDB, 39.69 GB free (594ms)
2024-04-26T12:16:39Z, ERROR, pwm.PwmApplication, error retrieving key 'localdb.logger.storage.format' value from localDB: null
2024-04-26T12:16:39Z, INFO , logging.LocalDBLogger, open, events=6464, tailAge=25d:10h:40m, maxEvents=1000000, maxAge=28d, localDBSize=32.43 MB (31ms)
2024-04-26T12:16:39Z, ERROR, pwm.PwmApplication, error retrieving key 'lastLdapError' value from localDB: null
2024-04-26T12:16:40Z, ERROR, db.DatabaseService, 5051 ERROR_DB_UNAVAILABLE (error connecting to database: com.microsoft.sqlserver.jdbc.SQLServerException: "encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:d41221e3-0179-46f3-b1c4-7ba27f6eddda, cause:javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
2024-04-26T12:16:40Z, WARN , db.DatabaseService, exception initializing database service: 5051 ERROR_DB_UNAVAILABLE (error connecting to database: com.microsoft.sqlserver.jdbc.SQLServerException: "encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:d41221e3-0179-46f3-b1c4-7ba27f6eddda, cause:javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
2024-04-26T12:16:40Z, WARN , email.EmailServerUtil, discarding incompletely configured email address for smtp server profile default
2024-04-26T12:16:40Z, INFO , intruder.IntruderManager, starting using LocalDB data store
2024-04-26T12:16:40Z, ERROR, node.NodeService, error starting up node service: 5093 ERROR_NODE_SERVICE_ERROR (database service is not available)
2024-04-26T12:16:40Z, INFO , pwm.PwmApplication, PWM v2.0.6 baaefbe7 open for bidness! (1875ms)
2024-04-26T12:16:41Z, INFO , event.AuditService, audit event: {"instance":"7E6014562F743244","type":"SYSTEM","eventCode":"STARTUP","guid":"c1163c91-e719-46a4-9ccd-928e9b892317","timestamp":"2024-04-26T11:16:41Z","narrative":"PWM has started up","xdasTaxonomy":"XDAS_AE_INVOKE_SERVICE","xdasOutcome":"XDAS_OUT_SUCCESS"}
2024-04-26T12:16:38Z, INFO , pwm.PwmApplication, initializing, application mode=CONFIGURATION, applicationPath=D:\PWM, configFile=D:\PWM\PwmConfiguration.xml
2024-04-26T12:16:39Z, INFO , localdb.LocalDBFactory, LocalDB open, db size: 32.43 MB at D:\PWM\LocalDB, 39.69 GB free (594ms)
2024-04-26T12:16:39Z, ERROR, pwm.PwmApplication, error retrieving key 'localdb.logger.storage.format' value from localDB: null
2024-04-26T12:16:39Z, INFO , logging.LocalDBLogger, open, events=6464, tailAge=25d:10h:40m, maxEvents=1000000, maxAge=28d, localDBSize=32.43 MB (31ms)
2024-04-26T12:16:39Z, ERROR, pwm.PwmApplication, error retrieving key 'lastLdapError' value from localDB: null
2024-04-26T12:16:40Z, ERROR, db.DatabaseService, 5051 ERROR_DB_UNAVAILABLE (error connecting to database: com.microsoft.sqlserver.jdbc.SQLServerException: "encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:d41221e3-0179-46f3-b1c4-7ba27f6eddda, cause:javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
2024-04-26T12:16:40Z, WARN , db.DatabaseService, exception initializing database service: 5051 ERROR_DB_UNAVAILABLE (error connecting to database: com.microsoft.sqlserver.jdbc.SQLServerException: "encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:d41221e3-0179-46f3-b1c4-7ba27f6eddda, cause:javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, cause:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
2024-04-26T12:16:40Z, WARN , email.EmailServerUtil, discarding incompletely configured email address for smtp server profile default
2024-04-26T12:16:40Z, INFO , intruder.IntruderManager, starting using LocalDB data store
2024-04-26T12:16:40Z, ERROR, node.NodeService, error starting up node service: 5093 ERROR_NODE_SERVICE_ERROR (database service is not available)
2024-04-26T12:16:40Z, INFO , pwm.PwmApplication, PWM v2.0.6 baaefbe7 open for bidness! (1875ms)
2024-04-26T12:16:41Z, INFO , event.AuditService, audit event: {"instance":"7E6014562F743244","type":"SYSTEM","eventCode":"STARTUP","guid":"c1163c91-e719-46a4-9ccd-928e9b892317","timestamp":"2024-04-26T11:16:41Z","narrative":"PWM has started up","xdasTaxonomy":"XDAS_AE_INVOKE_SERVICE","xdasOutcome":"XDAS_OUT_SUCCESS"}
Regards
Dave Miles
Jason Rivard
Apr 28, 2024, 9:57:45 PMApr 28
to pwm-general
Most likely you will need to add the server cert to the java keystore using the keytool utility. The JDBC driver your using should provide some documentation for this process. As far as I know, this is a per-JDBC driver process so PWM itself can't help with this, unlike most every other secure connection that PWM might make where PWM itself can manage the certificate for you.
Reply all
Reply to author
Forward
0 new messages