警告:建议不要在没有服务器身份验证的情况下建立SSL连接 [英] WARN: Establishing SSL connection without server's identity verification is not recommended
本文介绍了警告:建议不要在没有服务器身份验证的情况下建立SSL连接的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
您好我正在尝试使用eclipse和tomcat通过java servlet连接到mysql数据库,但我收到以下错误:警告:不建议在没有服务器身份验证的情况下建立SSL连接。我添加了useSSL = false ?到连接网址但仍然得到相同的错误。任何建议? servlet的代码是:
Hello I am trying to connect to a mysql database via a java servlet using eclipse and tomcat, but I take the following error: "WARN: Establishing SSL connection without server's identity verification is not recommended".I added "useSSL=false?" to the connection url but still get the same error.Any suggestions? The servlet's code is :
package com.simpleWebApplication.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebServlet("/register")
public class RegisterServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public RegisterServlet() {
super();
// TODO Auto-generated constructor stub
}
protected void doPost(HttpServletRequest request, HttpServletResponse
response)
throws ServletException, IOException {
doGet(request, response);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
String idusers = request.getParameter("0");
String name = request.getParameter("name");
String surname = request.getParameter("surname");
String gender = request.getParameter("gender");
String birthdate = request.getParameter("birthdate");
String workAddress = request.getParameter("workAddress");
String homeAddress = request.getParameter("homeAddress");
try{
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/mysys?autoReconnect=true&useSSL=false","root","pass");
PreparedStatement ps = con.prepareStatement("insert into Users values(?,?,?,?,?,?)");
ps.setString(1, idusers);
ps.setString(2, name);
ps.setString(3, surname);
ps.setString(4, gender);
ps.setString(5, birthday);
ps.setString(6, workAddress);
ps.setString(7, homeAddress);
int i=ps.executeUpdate();
if(i>0)
{
out.println("You are sucessfully registered");
}
}
catch(Exception se)
{
se.printStackTrace();
}
}
}
此处是与servlet连接的register.jsp页面。
and here is register.jsp page that is connected with the servlet.
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Register New User</title>
</head>
<body>
<form action="register" method="post">
<table align="center" bgcolor="#ffffff" border="1" width="70%">
<tr>
<td colspan="2" align="center">User Details </td>
</tr>
<tr>
<td>Name </td>
<td><input type="text" name="name" maxlength="25"></td>
</tr>
<tr>
<td>Surname </td>
<td><input type="text" name="surname" maxlength="40"></td>
</tr>
<tr>
<td>Gender </td>
<td><select>
<option value="male">Male</option>
<option value="female">Female</option>
</select></td>
</tr>
<tr>
<td>Birthdate </td>
<td><input type="date" name="birthdate" maxlength="30"></td>
</tr>
<tr>
<tr>
<td>Work Address </td>
<td><input type="text" name="workaddress" maxlength="30"></td>
</tr>
<tr>
<td>Home Address </td>
<td><input type="text" name="homeaddress" maxlength="30"></td>
</tr>
<td colspan="2" align="center"><input type="submit" value="Submit"></td>
</tr>
</table>
</form>
</body>
</html>
堆栈错误:
Wed Sep 28 08:58:53 EEST 2016 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
java.sql.SQLException: Access denied for user 'username'@'localhost' (using password: YES)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:963)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3966)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3902)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:875)
at com.mysql.jdbc.MysqlIO.proceedHandshakeWithPluggableAuthentication(MysqlIO.java:1712)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1228)
at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2253)
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2284)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2083)
at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:806)
at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:47)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:410)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:328)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at com.simpleWebApplication.servlet.RegisterServlet.doPost(RegisterServlet.java:47)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:442)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1082)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Unknown Source)
推荐答案
尝试删除行doGet(re任务,回应);因为你在上面的例子中没有get方法。
我总是用jdbc得到这个警告,但一切运行正常。
Try deleting the line doGet (request, response); since you don't have get method in the example above. I always get this warning too with jdbc but everything runs fine.
这篇关于警告:建议不要在没有服务器身份验证的情况下建立SSL连接的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
