we are using clm 6.0.3 with liberty profile and oracle db 12c for our applications.
Java.runtime= Java™ SE Runtime Environment (pxa6470_27sr3fp40-201604220_01 (SR3 FP40))
our IBM clm applications are hosted on Websphere Liberty Server 8.5.5.9 (wlp-1.0.12.cl50920160227-1523)
java version - 1.7.0_75
ojdbc driver-ojdbc7.jar
Implementation setup
We want to enable mutual ssl authentication with DB server to application.
Steps followed.
We are using the default keystore of liberty profile , where we imported the DB certificate and also extracted the applicationcertificate and imported the same oracle DB wallet.
we are using default server.xml file and startup file and java.security files. For making this tcps communication, where exactly we need to make changes
Issue detrails
we are able to connect the db through tcp string. But not able to connect by tcps string.
tcp string – thin:jts-user/{password}#//192.168.100.216:1521/vmtestdb
tcps String - thin:jts_user/{password}#(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.100.216)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=vmtestdb)))
Error Code:-
Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection
Caused by: oracle.net.ns.NetException: The ssl protocol specified is not supported.
Caused by: java.lang.IllegalArgumentException: SSLv2Hello is not a recognized protocol.
For reproducing the issue, we will get the same error when we put tcps string to connect the db.
Related
Our dev ops team have whitelisted my home ip address so that I can connect to our Postgres database on Azure. I am able to connect to our Azure database due to this.
Today I set up a VM in order to run Docker. I am running a container for RStudio which is an app that, among many other things, allows me to connect to our database using ODBC.
After configuring the odbcinst and odbc.ini files I believe that those are configured correctly because when I try to connect I get the following error:
Error: nanodbc/nanodbc.cpp:983: 00000: FATAL: SSL connection is required. Please specify SSL options and retry.
Thus I think that my odbc set up is correct because this error suggests my connection setting are fine, it's just that Azure will not allow it without SSL.
Searching that error message took me to this SO post with the following accepted answer:
By default, Azure Database for PostgreSQL enforces SSL connections between your server and your client applications to protect against MITM (man in the middle) attacks. This is done to make the connection to your server as secure as possible.
Although not recommended, you have the option to disable requiring SSL for connecting to your server if your client application does not support SSL connectivity. Please check How to Configure SSL Connectivity for your Postgres server in Azure for more details. You can disable requiring SSL connections from either the portal or using CLI. Note that Azure does not recommend disabling requiring SSL connections when connecting to your server.
My question is, if I am already able to connect to our database outside of my VM due to my home IP being whitelisted and just using a Postgres Driver with Dbeaver SQL client, is there anything I can do to connect from within my VM?
I can get my VMs ip address but I suspect (am not sure) if sending hat to our developers to whitelist would work?
Is there a prescribed course of action here?
I added this parameter to my .odbc.ini file and was able to connect:
sslmode=require
From Azure Postgres documentation, this parameter may take on different permutations depending on the context
"for example "ssl=true" or "sslmode=require" or "sslmode=required" and other variations"
I'm trying to connect a database in the Bluemix DB2 on Cloud (DashDB) to IBM BPM on Cloud. Is this possible? I tried setting up a datasource in BPMoC using the data provided by DB2 on Cloud, but it is not able to connect:
(Error Details)[jcc][t4][2043][11550][4.18.60] Exception
java.net.SocketException: Error opening socket to server ... with
message: Network is unreachable (connect failed). ERRORCODE=-4499,
SQLSTATE=08001 DSRA0010E: SQL State = 08001, Error Code = -4,499Test
Connection
IBM BPM on Cloud support was able to help me get this working. There was something that needed to be done on the network side of things to allow BPMoC to talk with DB2 on Cloud (Bluemix). They also had to install the SSL certs for me.
Our Java Servlet was developed on Eclipse Helios for Windows and runs on Tomcat 7. Recently a SQL Server database that it connects to using JNDI was migrated to a new server. I checked I could set up the connection to the new SQL server database using Eclipse and this was successful. I also checked I could connect using the connection details using SQL Server Management Studio. However when I amend the JNDI connection using the new connection details and run the relevant web service request in SoapUI I am being returned the message;
java.net.SocketTimeoutException: Read timed out
I have also imported the new SSL certificates created on the new server but that did not resolve the problem. I have tried extending the timeout but I don't think that is working. What is causing this new connection to fail when the original worked fine?
Following the tutorial on
http://bpmwiki.blueworkslive.com/display/samples/Decision+Service+demonstrating+BPM+and+WODM+integration#DecisionServicedemonstratingBPMandWODMintegration-PartI%26nbsp%3B%5C%26nbsp%3BImplementingtheJRulesSolution
I'm able to run the rule app using soapUI and everything works fine. Now, when I try to implement the rule service on BPM, it seems BPM is unable to detect the WODM server.
When I test this using soapUI, the wsdl URL was something like: http://localhost:9081/xxxxxxxx.
Now, when I try to implement this on BPM, I've set the Server location to http://localhost:9081 and SOAP Port to 8881 as shown below:
However, I've failed to login. I'm wondering what SOAP Port actually is and why BPM needs one and soapUI doesn't?
Update:
When I set the SOAP Port to 8881, it's throwing
java.io.IOException: Mismatched serialization UIDs :
Source(RepId RMI:java.lang.Throwable:F...............) =........ whereas Target (RepId RMI:com.ibm.jsse2.util.h:CAAC186..................) = D9CE.........
When I set the SOAP Port to 8880, it's not throwing any errors but there's no ruleset and ruleapp available
When I set the SOAP Port to 8882 and above, it's throwing me
[SOAPException: faultCode=SOAP-ENV; msg=Error opening socket:
java.net.ConnectException: Connection refused: connect; targetException: Connection
refused: connect; targetException=java.lang.IllegalArgumentException: Error opening socket:
java.net.ConnectException: Connection refused: connect]
Has your WAS been installed using the default ports or custom ports?
I have got this working using BPM 8.5 and ODM 8.5, but the default SOAP port is 8880 (although I have noticed that you are using port 9081, which implies you might have more than one WAS server installed so its bumped all the port numbers up by one, so this might not be the problem).
The other thing to check is how you have set up the BPM server in the Process App Settings in BPM. The format of the server location should be http://:
BPM need the SOAP port of WODM server to explore what rule app / rule set are available, so that BPM could present a list for you to choose from.
When you call a ruleset in soapUI like following, you have already specified which rule app / rule set to call in the URL.
https://HOST:PORT/DecisionService/ws/ruleapp/ruleset
You may go to WAS admin console to check what's the SOAP port of the server that running WODM.
I have a service that uses EF to retrieve data from a SQL database.
The EF model is in a class library. In the class library the connection is configured as:
<add name="APIC2CEntities"
connectionString="metadata=res://*/MyModel.csdl|res://*/MyModel.ssdl|res://*/MyModel.msl;provider=System.Data.SqlClient;provider connection string="data source=MYSERVER;initial catalog=MYDB;user id=MYUSER;password=THEPASSWORD;multipleactiveresultsets=True;App=EntityFramework""
providerName="System.Data.EntityClient" />
This class library is referenced by a WCF service project. In webconfig I control the EF connection with:
<add name="APIC2CEntities"
connectionString="metadata=res://*/MyModel.csdl|res://*/MyModel.ssdl|res://*/MyModel.msl;provider=System.Data.SqlClient;provider connection string="data source=MYSERVER;initial catalog=MYDB;user id=MYUSER;password=THEPASSWORD;multipleactiveresultsets=True;App=EntityFramework""
providerName="System.Data.EntityClient" />
When my service is running in Cassini the data is retrieved correctly. When the service is running under IIS (Windows XP) the connection fails with the following exception:
The underlying provider failed on Open
with an inner exception telling me:
{"A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)"}
I understand that Cassini is running under my logged in account, and that IIS is running under the IUSR_MYMACHINE account, but my connection is not trusted, so this shouldn't matter...
How else might an EF connection be manipulated or controlled differently between IIS and Cassini?
Thanks,
Mark
Our resolution on this occasion was to force the connection to use tcp (using data source=tcp:MyServer in the connection string) and enabling TCP on the SQL box (oops!)..
I still have no idea how the Cassini session was able to establish connection where the IIS session was not :-S
Mark
I think the issue is still in connection string. If you are sure please do the following steps and test
Open blank notepad and save as connectionString.UDL
Open connectionString (just saved in step 1)
Under the connection tab: type server name (in my case: DESKTOP-IDSLV81) or IP as XXX.XXX.XXX.XXX,1433 where 1433 is default port the use respective username and password and the select Database(available DB is in Dropdown list)
Then press test connection if succeeded the press Ok button.
Open the connectionString.UDL file in notepad. The correct connection string is there and compare with your connection string in web.config
This solution is for someone facing this issue while deploying windows application,
I know this is late, but this maybe useful for someone in future, In my scenario, purely this is a connection string issue I developed a windows application using entity framework (DB First approach) and I published it, the code was worked fine on my machine, but it's not worked on the client machine
Reason for this issue:-
I updated the client machine connection string in App.config file, but this is wrong, if that is a windows application, then it will not read the connection string from App.config (For deployed machines), it will read from .exe.config file,
So after deployment, we need to change the connection string in "AppicationName".exe.config file