We have some code that was connecting to a SQL 2008 R2 database on a different server using the Microsoft sqljdbc4.jar driver. It was running fine using Java 1.6u31 and we recently upgraded the system which necessitated a change to Java 1.7u17. Now the connection attempt hangs for a short period of times and throws the following.
Sep 24, 2014 11:53:04 AM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL
INFO: java.security path: D:\Documentum\java64\1.7.0_17\jre\lib\security
Security providers: [RsaJsse version 6.0, JsafeJCE version 6.002, SUN version 1.7, SunRsaSign version 1.7, SunEC version 1.7, SunJSSE version 1.7, SunJCE version 1.7, SunJGSS version 1.7, SunSASL version 1.7, XMLDSig version 1.0, SunPCSC version 1.7, SunMSCAPI version 1.7]
SSLContext provider info: SSL-J 6.0 JSSE Provider supporting SSLv3, TLSv1, TLSv1.1, and TLSv1.2
SSLContext provider services:
[RsaJsse: SSLContext.TLS -> com.rsa.sslj.x.cr
aliases: [SSLv3, SSL, TLSv1, TLSv1.1, TLSv1.2]
, RsaJsse: SSLContext.Default -> com.rsa.sslj.x.B
, RsaJsse: KeyManagerFactory.X509 -> com.rsa.sslj.x.y
aliases: [SunX509, NewSunX509, IbmX509, NewIbmX509, RsaX509]
, RsaJsse: TrustManagerFactory.X509 -> com.rsa.sslj.x.bI
aliases: [SunX509, IbmX509, X.509, RsaX509]
, RsaJsse: TrustManagerFactory.PKIX -> com.rsa.sslj.x.cI
aliases: [SunPKIX, IbmPKIX]
, RsaJsse: TrustManagerFactory.PKIX-SuiteB -> com.rsa.sslj.x.aj
, RsaJsse: TrustManagerFactory.PKIX-SuiteBTLS -> com.rsa.sslj.x.D
]
java.ext.dirs: D:\Documentum\java64\1.7.0_17\jre\lib\ext;C:\Windows\Sun\Java\lib\ext
Exception in thread "main" com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Connection reset".
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnecQtion.java:1352)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1533)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1042)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:817)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:700)
at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:842)
at java.sql.DriverManager.getConnection(DriverManager.java:579)
at java.sql.DriverManager.getConnection(DriverManager.java:221)
at com.test.TestDatabaseConnection.getDatabaseConnection(TestDatabaseConnection.java:56)
at com.test.TestDatabaseConnection.main(TestDatabaseConnection.java:25)
Caused by: java.io.IOException: Connection reset
at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.readInternal(IOBuffer.java:673)
at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.read(IOBuffer.java:656)
at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.readInternal(IOBuffer.java:851)
at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.read(IOBuffer.java:839)
at com.rsa.sslj.x.aP.c(Unknown Source)
at com.rsa.sslj.x.aP.a(Unknown Source)
at com.rsa.sslj.x.aP.a(Unknown Source)
at com.rsa.sslj.x.aP.h(Unknown Source)
at com.rsa.sslj.x.cy.startHandshake(Unknown Source)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1483)
... 8 more
Running just the database connect code in Eclipse I can reproduce the error with a clean copy of 1.7u17. Running the same with 1.6u31 instead works fine. We have to stick to this version of Java due to a 3rd party application this code runs inside.
static Connection getDatabaseConnection() throws Exception{
Connection conn = null;
final String DRIVER = "jdbc:sqlserver";
String server = "<server123>";
String port = "1433";
String sid = "<db123>";
String user = "<user123>";
String pass = "<password123>";
String url = "jdbc:sqlserver://" +
server + ":" + port + ";" +
"databaseName=" + sid +
";user=" + user +
";password=" + pass + ";";
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
conn = DriverManager.getConnection(url, user, pass);
return conn;
}
