The Microsoft JDBC SSL documentation details the use of a Java keystore in order to specify a certificate bundle to use when validating the TLS connection. Is there a way to provide a certificate bundle without needing to store it within a JKS when connecting to a SQL Server database? Postgres seems to have a…
Tag: ssl
How to disable Host name verification for nimbus JWKS ResourceRetriever
First I was using ‘DefaultResourceRetriever’ without any configuration like this : and then I got the following exception To by pass certificate check I have configured the resource retriever like below; But it doesn’t changed anything. I could set Hostname verifier to SSLConnectionSocketFac…
How connection with JIRA using RESTAPI with java?
My task is to establish a connection to JIRA in java using RESTAPI. I’m facing an error with the SSL security certificate. I have tried many times and looked on google, but I didn’t find any solution to my problem. Can anyone help me to fix this error? APOD.java JavaHttpURLConnectionDemo.java Erro…
How do I get OpenJDK 16 to talk with an SSL enabled nginx server?
I’m running a spring boot application that needs to make an https call to an nginx server. The application is running on CentOS 7 with OpenJDK 16. Following this more or less, I gathered a list of all the ciphers available to the JVM: In nginx, I have the following: I’ve tried every one of the cip…
How can I get debug messages from Java’s SSL handshake?
I’m trying to secure a Java Spring Boot REST service with Keycloak. Part of that involves communication between the service and Keycloak to get the well-known OpenID configuration. When everything is unencrypted (over HTTP), things work fine. When I add an SSL certificate into the mix (technically on an…
Kafka docker – NoSuchFileException: /opt/kafka.server.keystore.jks
I have installed kafka via docker. When i run the docker-compose up command I face following errors: Below is my docker-compose.yml file: Answer Change the variable values to use /certs
SSL Handshake error after Client Finished handshake message
I’m attempting to perform mutual TLS authentication to server.com (changed), and I’m getting Fatal (HANDSHAKE_FAILURE): Couldn’t kickstart handshaking, javax.net.ssl.SSLException: readHandshakeRecord after Produced client Finished handshake message. I am using AdoptOpenJDK 11.0.11.9-hotspot.…
SSL for JMX with RMI
We have a Java application which has had a JConsole connection with password authentication for a while. In improving the security of this, we are trying to encrypt the connection made from JConsole to the application. Up until now, we have launched our application with the following launch command: With this…
Is truststore a pure Java terminology?
When I search “truststore” on YouTube, I got the following video as the first hit. It is about Java. https://www.youtube.com/watch?v=Ur9LlNOYnRg A Google search also mostly returns Java webpages. Is this a pure Java concept? How can in be explained in the context of SSL/TLS without using Java? Ans…
How to enable certificate_authorities extension in Jetty with TLS 1.3
I recently updated my Jetty server (11.0.1) to TLS 1.3 (jre 11.0.9.1).The server do not send trusted certificate_authorities anymore in the CertificateRequest phase (client certificate authentication is required). Consequently, in the prompt window, the browsers do not filter the clients certificates delivere…