您的位置: 首页  >  技术问答  >  甲骨文的技术合作计划的tomcat Thin驱动程序不能正常工作

甲骨文的技术合作计划的tomcat Thin驱动程序不能正常工作

分类: 技术问答 2022-07-01 22:31:47
问题描述:

我需要一个新的环境帮助,我建立甲骨文的技术合作计划的tomcat Thin驱动程序不能正常工作

的Tomcat(钱包+ JDBC Thin驱动程序) - > TCPS - >甲骨文12

我一直下面这篇文章(Oracle JDBC thin driver SSL),没有运气

当我尝试启动Tomcat时,显示

Caused by: java.security.SignatureException: Signature length not correct: got 256 but was expecting 128 
    at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:189) 
    at java.security.Signature$Delegate.engineVerify(Signature.java:1219)

以下错误我觉得我失去了一些东西,但我不是k现在在哪里..

Oracle方面

的listener.ora

WALLET_LOCATION = 
    (SOURCE = 
    (METHOD = FILE) 
    (METHOD_DATA = 
     (DIRECTORY = /u01/app/oracle/wallet) 
    ) 
) 

SSL_CLIENT_AUTHENTICATION = FALSE 

LISTENER = 
    (DESCRIPTION_LIST = 
    (DESCRIPTION = 
     (ADDRESS = (PROTOCOL = TCP)(HOST = 72795752816f)(PORT = 1521)) 
     (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521)) 
     (ADDRESS = (PROTOCOL = TCPS)(HOST = 72795752816f)(PORT = 2484)) 
    ) 
) 
ADR_BASE_LISTENER = /u01/app/oracle

SQLNET.ORA

WALLET_LOCATION = 
    (SOURCE = 
    (METHOD = FILE) 
    (METHOD_DATA = 
     (DIRECTORY = /u01/app/oracle/wallet) 
    ) 
    ) 

SQLNET.AUTHENTICATION_SERVICES = (TCPS,NTS,BEQ) 
SSL_CLIENT_AUTHENTICATION = FALSE 
SSL_CIPHER_SUITES = (SSL_RSA_WITH_RC4_128_SHA,  SSL_RSA_WITH_RC4_128_MD5) 

SQLNET.WALLET_OVERRIDE = TRUE

Tomcat的侧面

的tnsnames.ora

TEST = 
(DESCRIPTION = 
    (ADDRESS = 
    (PROTOCOL = TCPS) 
    (HOST = 72795752816f) 
    (PORT = 2484) 
) 
    (CONNECT_DATA = 
    (SERVER = DEDICATED) 
    (SERVICE_NAME = xe.oracle.docker) 
    ) 
)

的context.xml

<Resource name="jdbc/edorasone" auth="Container" 
      type="javax.sql.DataSource"  driverClassName="oracle.jdbc.OracleDriver" 
     url="jdbc:oracle:thin:/@TEST" 
    connectionProperties="javax.net.ssl.keyStore=/tomcat/wallet/cwallet.sso;\ 
javax.net.ssl.keyStoreType=PCKS12;\ 
oracle.net.ssl_version=1.0;\ 
oracle.net.ssl_cipher_suites=(SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5);\ 
oracle.net.authentication_services=(TCPS)" 
/>

任何帮助将是非常赞赏ADVA

纳乔

感谢。

BTW:如果在Tomcat中使用sqlnet客户端与sqlnet.ora(= Oracle)& tnsnames.ora(= Tomcat)我可以连接没有问题。

(a)您是否有使用Oracle钱包需要额外的罐子? (oraclepki.jar,osdt_core.jar,osdt_cert.jar)?
(2)更正javax.net.ssl.keyStoreType = PKCS12。你在那里有一个错字。
(3)DB URL应该是“jdbc:oracle:thin:@TEST”,并且由于您使用的是别名,因此需要设置系统属性-Doracle.net.tns_admin =(a)是否需要额外的jar包使用Oracle钱包? (oraclepki.jar,osdt_core.jar,osdt_cert.jar)?

查看SSL with JDBC whitepaper了解更多详情。

非常感谢您的帮助。 一)是的,他们已经到位 B)它与PCKS12 C)TNS_ADMIN是到setenv.sh脚本

最后我得到了我的建立现在的工作。

SSL_CIPHER_SUITES必须双方匹配,所以我所做的就是给力相同的密码

SQLNET.ORA

SSL_CIPHER_SUITES = (SSL_RSA_WITH_AES_256_CBC_SHA)

SETENV。SH

CATALINA_OPTS+=" -Doracle.net.ssl_cipher_suites=TLS_RSA_WITH_AES_256_CBC_SHA "

(注意前缀是不一样的:在SSL_ Oracle方面,和TLS_到Tomcat/Java端)

对于具有类似配置的问题,那几件,,我让Tomcat的配置这里边

############################### 
# DB CONNECTION CONFIGURATION # 
############################### 
# Oracle DB (JNDI) 
CATALINA_OPTS+=" -Dspring.profiles.active=database-jndi " 
CATALINA_OPTS+=" -Doracle.net.tns_admin=/tomcat/wallet " 
CATALINA_OPTS+=" -Djavax.net.ssl.keyStore=/tomcat/wallet/keystore.jks " 
CATALINA_OPTS+=" -Djavax.net.ssl.keyStoreType=JKS " 
CATALINA_OPTS+=" -Djavax.net.ssl.keyStorePassword=Passw0rd " 
CATALINA_OPTS+=" -Djavax.net.ssl.trustStore=/tomcat/wallet/truststore.jks "  
CATALINA_OPTS+=" -Djavax.net.ssl.trustStorePassword=Passw0rd "     
CATALINA_OPTS+=" -Doracle.net.authentication_services=TCPS " 
CATALINA_OPTS+=" -Doracle.net.ssl_cipher_suites=TLS_RSA_WITH_AES_256_CBC_SHA "

的context.xml

<Resource name="jdbc/efdesone" auth="Container" 
     type="javax.sql.DataSource" driverClassName="oracle.jdbc.OracleDriver" 
     url="jdbc:oracle:thin:/@TEST" 
    username="<username>" password="<password>" maxActive="20" maxIdle="10" maxWait="-1" 
/>

亲切的问候

纳乔。

相关推荐