0

On Azure I have found 4 certificates:

ClearDB CA Certificate
Client Certificate
Client Private Key
Client Certificate Bundle(for Windows only)

I have created trustStore with ClearDB CA like it was told here How to connect to a remote MySQL database via SSL using Play Framework?

keytool -import -alias mysqlServerCACert -file cleardb.pem -keystore truststore.jks

Set Systems properties like this:

System.setProperty("javax.net.ssl.trustStore", "path/truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");

Added parameters to jdbc url

?useSSL=true&requireSSL=true&verifyServerCertificate=true

But I still get Exception

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I'm really confused. Which certificate I should use. What for are other certificates? Will appreciate any help.

Improve this question

1 Answer 1

Reset to default
0

@OlegKuts, according to the ClearDB FAQ about enforce client SSL (or x.509) authentication as below, I think you should use the ClearDB CA certificate if it's got from ClearDB.

I need additional security options for my ClearDB cluster. How can I enforce client SSL (or x.509) authentication?

We operate our own CA, and we’ll be happy to generate x.509 user authentication certificates for your account. Please send us a support request (login required) to get x.509 certificates.

Meanwhile, according to the ClearDB help & support page (its link for Java is not available, but please see the rear MySQL 5.5 link), you need to follow the MySQL connector document 5.5 Connecting Securely Using SSL to try again.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.