How to connecto DBeaver with Db2 using SSL self-signed certificate?
2
votes
1
answer
16031
views
On Db2 v11.5.7.0 Linux/x86 server I have configured SSL using self-signed certificate following official IBM documentation https://www.ibm.com/docs/en/db2/11.5?topic=transit-tls-configuration-db2
I have tested this connection on my Windows PC using CLI and connection works fine. I assume Db2 server is configured correctly to support SSL.
Now I would like to establish the same with Java application like DBeaver. On my Windows where DBeaver 22.1.3 is installed I imported SSL certificate with:
keytool -import -trustcacerts -alias myalias
-file C:\Programs\DBeaver\db2_ssl_tls\server.arm
-keystore C:\Programs\DBeaver\db2_ssl_tls\mynewdbclient.jks
Then I configured DBeaver connection to Db2 using SSL. I did like described in:
https://selcukc.medium.com/dbeaver-create-ssl-connection-to-db2-72bd0948b6d4
or
https://www.ibm.com/docs/en/fci/6.5.1?topic=application-connecting-db2-over-ssl-port
like this:
When I click on Test Connection button I get error:
[jcc][t4][4.31.10] A communication error occurred during
operations on the connection's underlying socket, socket input stream, or
socket output stream. Error location: Reply.fill() - socketInputStream.read
(-1). Message: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target. ERRORCODE=-4499, SQLSTATE=08001
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target unable to find valid certification
path to requested target unable to find valid certification path to requested
target
I have searched a lot of documentation on web, but all it seams to point to import CA certificate. But I am using self-signed certificate that does not need CA.
Questions:
1. Do I need to setup something else?
2. Does DBeaver support self-signed certificates?
When I click on Test Connection button I get error:
[jcc][t4][4.31.10] A communication error occurred during
operations on the connection's underlying socket, socket input stream, or
socket output stream. Error location: Reply.fill() - socketInputStream.read
(-1). Message: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target. ERRORCODE=-4499, SQLSTATE=08001
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target unable to find valid certification
path to requested target unable to find valid certification path to requested
target
I have searched a lot of documentation on web, but all it seams to point to import CA certificate. But I am using self-signed certificate that does not need CA.
Questions:
1. Do I need to setup something else?
2. Does DBeaver support self-signed certificates?
Asked by folow
(523 rep)
Jul 29, 2022, 04:33 AM
Last activity: Apr 4, 2024, 01:25 PM
Last activity: Apr 4, 2024, 01:25 PM