I’m trying to figure out how to use the following jdbc properties in the hibernate config with the mysql driver in order to force TLS and the use of a certificate.
jdbc:mysql://mysql.server.com:3306/xwiki
?useSSL=true
&verifyServerCertificate=true
&clientCertificateKeyStoreUrl=file://path/to/certs/client-cert-and-key.pfx
&clientCertificateKeyStoreType=“PKCS12”
&clientCertificateKeyStorePassword=“cert-pass”
&trustCertificateKeyStoreUrl=file://path/to/cacert/cacert.pfx
&trustCertificateKeyStoreType=“PKCS12”
&trustCertificateKeyStorePassword=“cacert-pass”
Can anyone share an example of how that would look in the property name=“connection.url” of hibernate.cfg.xml?
Thanks!
ns
Hi - I think I’ve figured out that the & needs to be url encoded (&) - string values not double quoted - and the URLs have no double forward slash (file:/path/to/cert…)
i.e.
jdbc:mysql://mysql.server.com:3306/xwiki?useSSL=true&verifyServerCertificate=true&clientCertificateKeyStoreUrl=file:/path/to/certs/client-cert-and-key.pfx&clientCertificateKeyStoreType=PKCS12… etc…
==
Now, I’m having another problem - which may still be the hibernate config - or may be something else…
I see this exception upon starting tomcat/xwiki and browsing to the site - whereby hibernate should begin creating the database structure…
No tables are created.
2018-04-30 23:01:16,514 [XWiki initialization] ERROR c.x.x.s.DBCPConnectionProvider - Could not create a DBCP pool. There is an error in the Hibernate configuration file, please review it.
java.sql.SQLException: Cannot create PoolableConnectionFactory (The server time zone value 'EDT' is unrecognized or represents more than one time zone. You must configure either the server or JDBC driver (via the serverTimezone configuration property) to use a more specifc time zone value if you want to utilize time zone support.)
at org.apache.commons.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:2294)
at org.apache.commons.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:2039)
at org.apache.commons.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:1533)
at com.xpn.xwiki.store.DBCPConnectionProvider.configure(DBCPConnectionProvider.java:215)
at org.hibernate.connection.ConnectionProviderFactory.newConnectionProvider(ConnectionProviderFactory.java:143)
at org.hibernate.connection.ConnectionProviderFactory.newConnectionProvider(ConnectionProviderFactory.java:84)
at org.hibernate.cfg.SettingsFactory.createConnectionProvider(SettingsFactory.java:459)
at org.hibernate.cfg.SettingsFactory.buildSettings(SettingsFactory.java:90)
at org.hibernate.cfg.Configuration.buildSettingsInternal(Configuration.java:2863)
at org.hibernate.cfg.Configuration.buildSettings(Configuration.java:2859)
at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:1870)
at com.xpn.xwiki.store.XWikiHibernateBaseStore.initHibernate(XWikiHibernateBaseStore.java:213)
at com.xpn.xwiki.store.XWikiHibernateBaseStore.checkHibernate(XWikiHibernateBaseStore.java:574)
at com.xpn.xwiki.store.XWikiHibernateStore.loadXWikiDoc(XWikiHibernateStore.java:877)
at com.xpn.xwiki.store.XWikiCacheStore.loadXWikiDoc(XWikiCacheStore.java:280)
at com.xpn.xwiki.XWiki.getDocument(XWiki.java:1854)
at com.xpn.xwiki.XWiki.getDocument(XWiki.java:1914)
at com.xpn.xwiki.XWiki.initializeMandatoryDocument(XWiki.java:1284)
at com.xpn.xwiki.XWiki.initializeMandatoryDocuments(XWiki.java:1258)
at com.xpn.xwiki.XWiki.initXWiki(XWiki.java:1197)
at com.xpn.xwiki.XWiki.initXWiki(XWiki.java:1111)
at com.xpn.xwiki.XWiki.<init>(XWiki.java:1084)
at com.xpn.xwiki.internal.XWikiInitializerJob.runInternal(XWikiInitializerJob.java:117)
at org.xwiki.job.AbstractJob.runInContext(AbstractJob.java:206)
at org.xwiki.job.AbstractJob.run(AbstractJob.java:189)
at java.lang.Thread.run(Thread.java:748)
Thanks for reading!
ns