WSO2身份服务器将共享数据库和身份数据库更改为SQL Server

jtoj6r0c  于 2023-01-08  发布在  SQL Server
关注(0)|答案(1)|浏览(120)

根据WSO 2 IS文档https://is.docs.wso2.com/en/latest/deploy/change-to-mssql/
我们更改了/repository/conf/deployment.toml中的配置,以将carbon数据库更改为SQL Server

[database.identity_db]
type = "mssql"
hostname = "localhost\\SQLEXPRESS"
name = "WSO2_IDENTITY_DB"
username = "sa"
password = "P@ssw0rd"
port = "1433"

[database.shared_db]
type = "mssql"
hostname = "localhost\\SQLEXPRESS"
name = "WSO2_SHARED_DB"
username = "sa"
password = "P@ssw0rd"
port = "1433"

但我们面临着以下例外

Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:4fb732a2-d3a4-4c41-bf0a-47b43d715de5
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:3806)
    at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1906)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:3329)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:2950)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:2790)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:1663)
    at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1064)
    at org.apache.tomcat.jdbc.pool.PooledConnection.connectUsingDriver(PooledConnection.java:347)
    at org.apache.tomcat.jdbc.pool.PooledConnection.connect(PooledConnection.java:228)
    at org.apache.tomcat.jdbc.pool.ConnectionPool.createConnection(ConnectionPool.java:769)
    at org.apache.tomcat.jdbc.pool.ConnectionPool.borrowConnection(ConnectionPool.java:697)
    at org.apache.tomcat.jdbc.pool.ConnectionPool.getConnection(ConnectionPool.java:198)
    at org.apache.tomcat.jdbc.pool.DataSourceProxy.getConnection(DataSourceProxy.java:134)
    at org.wso2.carbon.user.core.util.DatabaseUtil.getDBConnection(DatabaseUtil.java:1067)
    at org.wso2.carbon.user.core.util.UserCoreUtil.persistDomain(UserCoreUtil.java:913)
    ... 34 more

搜索后,我们发现需要添加以下属性:

encrypt=true;trustServerCertificate=true;

但没有成功

eit6fx6z

eit6fx6z1#

此错误表明您在客户端的trustore中缺少MSSQL证书。因此,请尝试将MSSQL公共证书导入WSO2 trustore。有关详细信息,请参阅此文档。

keytool -import -alias <alias> -keystore  $IS_HOME/repository/resources/security/client-trustore.jks -file mssql.cer

相关问题