com.microsoft.sqlserver.jdbc.SQLServerException: 驅動程式無法通過使用安全套接字層(SSL)加密與 SQL Server 建立安全連線。錯誤:“java
阿新 • • 發佈:2019-01-23
九月 06, 2016 9:59:29 上午 com.microsoft.sqlserver.jdbc.TDSChannel enableSSL
資訊: java.security path: C:\Program Files\Java\jdk1.8.0_101\jre\lib\security
Security providers: [SUN version 1.8, SunRsaSign version 1.8, SunEC version 1.8, SunJSSE version 1.8, SunJCE version 1.8, SunJGSS version 1.8, SunSASL version 1.8 , XMLDSig version 1.8, SunPCSC version 1.8, SunMSCAPI version 1.8, BC version 1.54]
SSLContext provider info: Sun JSSE provider(PKCS12, SunX509/PKIX key/trust factories, SSLv3/TLSv1/TLSv1.1/TLSv1.2)
SSLContext provider services:
[SunJSSE: KeyFactory.RSA -> sun.security.rsa.RSAKeyFactory
aliases: [1.2 .840.113549.1.1, OID.1.2.840.113549.1.1]
, SunJSSE: KeyPairGenerator.RSA -> sun.security.rsa.RSAKeyPairGenerator
aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1]
, SunJSSE: Signature.MD2withRSA -> sun.security.rsa.RSASignature$MD2withRSA
aliases: [1.2.840.113549.1.1.2, OID.1.2.840.113549.1.1 .2]
, SunJSSE: Signature.MD5withRSA -> sun.security.rsa.RSASignature$MD5withRSA
aliases: [1.2.840.113549.1.1.4, OID.1.2.840.113549.1.1.4]
, SunJSSE: Signature.SHA1withRSA -> sun.security.rsa.RSASignature$SHA1withRSA
aliases: [1.2.840.113549.1.1.5, OID.1.2.840.113549.1.1.5, 1.3.14.3.2.29, OID.1.3.14.3.2.29]
, SunJSSE: Signature.MD5andSHA1withRSA -> sun.security.ssl.RSASignature
, SunJSSE: KeyManagerFactory.SunX509 -> sun.security.ssl.KeyManagerFactoryImpl$SunX509
, SunJSSE: KeyManagerFactory.NewSunX509 -> sun.security.ssl.KeyManagerFactoryImpl$X509
aliases: [PKIX]
, SunJSSE: TrustManagerFactory.SunX509 -> sun.security.ssl.TrustManagerFactoryImpl$SimpleFactory
, SunJSSE: TrustManagerFactory.PKIX -> sun.security.ssl.TrustManagerFactoryImpl$PKIXFactory
aliases: [SunPKIX, X509, X.509]
, SunJSSE: SSLContext.TLSv1 -> sun.security.ssl.SSLContextImpl$TLS10Context
aliases: [SSLv3]
, SunJSSE: SSLContext.TLSv1.1 -> sun.security.ssl.SSLContextImpl$TLS11Context
, SunJSSE: SSLContext.TLSv1.2 -> sun.security.ssl.SSLContextImpl$TLS12Context
, SunJSSE: SSLContext.TLS -> sun.security.ssl.SSLContextImpl$TLSContext
aliases: [SSL]
, SunJSSE: SSLContext.Default -> sun.security.ssl.SSLContextImpl$DefaultSSLContext
, SunJSSE: KeyStore.PKCS12 -> sun.security.pkcs12.PKCS12KeyStore
]
java.ext.dirs: C:\Program Files\Java\jdk1.8.0_101\jre\lib\ext;C:\Windows\Sun\Java\lib\ext
com.microsoft.sqlserver.jdbc.SQLServerException: 驅動程式無法通過使用安全套接字層(SSL)加密與 SQL Server 建立安全連線。錯誤:“java.security.ProviderException: java.security.NoSuchAlgorithmException: SunTlsMasterSecret KeyGenerator not available”。 ClientConnectionId:818a8c12-14b5-4e37-8e14-9d6d24326742
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1667)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1668)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1323)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:991)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:827)
at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1012)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
Caused by: javax.net.ssl.SSLException: java.security.ProviderException: java.security.NoSuchAlgorithmException: SunTlsMasterSecret KeyGenerator not available
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.SSLSocketImpl.handleException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1618)
... 9 more
Caused by: java.security.ProviderException: java.security.NoSuchAlgorithmException: SunTlsMasterSecret KeyGenerator not available
at sun.security.ssl.Handshaker.calculateMasterSecret(Unknown Source)
at sun.security.ssl.Handshaker.calculateKeys(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
... 12 more
Caused by: java.security.NoSuchAlgorithmException: SunTlsMasterSecret KeyGenerator not available
at javax.crypto.KeyGenerator.<init>(KeyGenerator.java:169)
at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:223)
at sun.security.ssl.JsseJce.getKeyGenerator(Unknown Source)
... 20 more
原因:
網上查了很多,有的由於jdk版本過低,有的說把buildpaht從jdk變成jre,這些都試過了,問題依舊。
後面發現把Java compiler變成1.7後持續有編譯不通過的。
現jdk: java version “1.8.0_101”
現jdbc: sqljdbc4.jar
解決:
注意:編譯不通過的程式是由於方法內部寫了內部類,內部類呼叫了方法的引數,1.7要求引數加final,而1.8則不需要,在1.7下給方法引數加上final後編譯通過,再次執行程式,發現連線成功。
後面再恢復到1.8,程式也恢復正常。
結論:
1.jdk和jdbc是否相容,使用sqlServer最新JDBC
2.方法中的內部類使用方法引數,要給引數加final
3.確保…\jdk1.8.0_101\jre\lib\ext目錄下存在sunjce_provider.jar,不存在從jre下面的\lib\ext拷貝
4.在jdk1.8.0_101\jre\lib\security\java.security檔案新增一行
security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider,前面的數字遞增。