如何解决将 RDS 服务器 SSL 从 1.0 更新到 1.2 后,本地 tomcat 未启动且无法连接到 Oracle RDS
本地 tomcat 未启动,并且在尝试创建连接到 Oracle DB 的 bean 时失败。错误是 java.sql.sqlRecoverableException: IO Error: Connection reset。我们所做的唯一更改是,我们在 Pom.xml 中使用了 ojdbc8.jar 依赖项,之前它有 ojdbc6.jar。我在 jdk 1.8 上运行 tomcat 库/java/javavirtualmachines/jdk1.8.0_162.jdk/Contents/home/jre/
我们已将 rds-ca-2019-root.der 导入到 cacerts 文件中。 库/java/javavirtualmachines/jdk1.8.0_162.jdk/Contents/home/jre/lib/security/cacerts
这是在 Oracle 12.2.0.1 RDS 服务器上将 SSL_VERSION 更新为 1.2 后发生的。
这是堆栈跟踪。
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'abcDB' defined in class path resource [applicationContext.xml]: Invocation of init method Failed; nested exception is javax.naming.NamingException: Unexpected exception resolving reference [Root exception is java.sql.sqlException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)]
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.initializeBean(AbstractAutowireCapablebeanfactory.java:1455)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.doCreateBean(AbstractAutowireCapablebeanfactory.java:519)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.createBean(AbstractAutowireCapablebeanfactory.java:456)
at org.springframework.beans.factory.support.Abstractbeanfactory$1.getobject(Abstractbeanfactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.Abstractbeanfactory.doGetBean(Abstractbeanfactory.java:291)
at org.springframework.beans.factory.support.Abstractbeanfactory.getTypeForfactorybean(Abstractbeanfactory.java:1355)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.getTypeForfactorybean(AbstractAutowireCapablebeanfactory.java:710)
at org.springframework.beans.factory.support.Abstractbeanfactory.isTypeMatch(Abstractbeanfactory.java:519)
at org.springframework.beans.factory.support.DefaultListablebeanfactory.getBeanNamesForType(DefaultListablebeanfactory.java:319)
at org.springframework.beans.factory.support.DefaultListablebeanfactory.getBeanNamesForType(DefaultListablebeanfactory.java:298)
at org.springframework.beans.factory.beanfactoryUtils.beanNamesForTypeIncludingAncestors(beanfactoryUtils.java:142)
at org.springframework.orm.jpa.EntityManagerFactoryUtils.findEntityManagerFactory(EntityManagerFactoryUtils.java:97)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor.findNamedEntityManagerFactory(PersistenceAnnotationBeanPostProcessor.java:511)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor.findEntityManagerFactory(PersistenceAnnotationBeanPostProcessor.java:493)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor$PersistenceElement.resolveEntityManager(PersistenceAnnotationBeanPostProcessor.java:657)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor$PersistenceElement.getResourcetoInject(PersistenceAnnotationBeanPostProcessor.java:630)
at org.springframework.beans.factory.annotation.InjectionMetadata$InjectedElement.inject(InjectionMetadata.java:150)
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor.postProcesspropertyValues(PersistenceAnnotationBeanPostProcessor.java:339)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.populateBean(AbstractAutowireCapablebeanfactory.java:1106)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.doCreateBean(AbstractAutowireCapablebeanfactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.createBean(AbstractAutowireCapablebeanfactory.java:456)
at org.springframework.beans.factory.support.Abstractbeanfactory$1.getobject(Abstractbeanfactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.Abstractbeanfactory.doGetBean(Abstractbeanfactory.java:291)
at org.springframework.beans.factory.support.Abstractbeanfactory.getBean(Abstractbeanfactory.java:193)
at org.springframework.beans.factory.support.DefaultListablebeanfactory.findAutowireCandidates(DefaultListablebeanfactory.java:848)
at org.springframework.beans.factory.support.DefaultListablebeanfactory.doResolveDependency(DefaultListablebeanfactory.java:790)
at org.springframework.beans.factory.support.DefaultListablebeanfactory.resolveDependency(DefaultListablebeanfactory.java:707)
at org.glassfish.jersey.server.spring.AutowiredInjectResolver.getBeanFromSpringContext(AutowiredInjectResolver.java:104)
at org.glassfish.jersey.server.spring.AutowiredInjectResolver.resolve(AutowiredInjectResolver.java:96)
at org.jvnet.hk2.internal.ClazzCreator.resolve(ClazzCreator.java:211)
at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:234)
at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:357)
at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:471)
at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:83)
at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:71)
at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:122)
at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2022)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:114)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:88)
at org.glassfish.jersey.internal.inject.Providers.getAllRankedProviders(Providers.java:247)
at org.glassfish.jersey.server.ApplicationHandler.getProcessingProviders(ApplicationHandler.java:772)
at org.glassfish.jersey.server.ApplicationHandler.initialize(ApplicationHandler.java:537)
at org.glassfish.jersey.server.ApplicationHandler.access$500(ApplicationHandler.java:184)
at org.glassfish.jersey.server.ApplicationHandler$3.call(ApplicationHandler.java:350)
at org.glassfish.jersey.server.ApplicationHandler$3.call(ApplicationHandler.java:347)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.processWithException(Errors.java:255)
at org.glassfish.jersey.server.ApplicationHandler.<init>(ApplicationHandler.java:347)
at org.glassfish.jersey.servlet.WebComponent.<init>(WebComponent.java:392)
at org.glassfish.jersey.servlet.ServletContainer.init(ServletContainer.java:177)
at org.glassfish.jersey.servlet.ServletContainer.init(ServletContainer.java:369)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1144)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1091)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:985)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4875)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5189)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase$startChild.call(ContainerBase.java:1412)
at org.apache.catalina.core.ContainerBase$startChild.call(ContainerBase.java:1402)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.naming.NamingException: Unexpected exception resolving reference [Root exception is java.sql.sqlException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)]
at org.apache.naming.NamingContext.lookup(NamingContext.java:856)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:173)
at org.apache.naming.factory.ResourceLinkFactory.getobjectInstance(ResourceLinkFactory.java:152)
at javax.naming.spi.NamingManager.getobjectInstance(NamingManager.java:321)
at org.apache.naming.NamingContext.lookup(NamingContext.java:839)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:173)
at org.apache.naming.SelectorContext.lookup(SelectorContext.java:163)
at javax.naming.InitialContext.lookup(InitialContext.java:417)
at org.springframework.jndi.JndiTemplate$1.doInContext(JndiTemplate.java:154)
at org.springframework.jndi.JndiTemplate.execute(JndiTemplate.java:87)
at org.springframework.jndi.JndiTemplate.lookup(JndiTemplate.java:152)
at org.springframework.jndi.JndiTemplate.lookup(JndiTemplate.java:178)
at org.springframework.jndi.JndiLocatorSupport.lookup(JndiLocatorSupport.java:95)
at org.springframework.jndi.JndiobjectLocator.lookup(JndiobjectLocator.java:105)
at org.springframework.jndi.Jndiobjectfactorybean.lookupWithFallback(Jndiobjectfactorybean.java:201)
at org.springframework.jndi.Jndiobjectfactorybean.afterPropertiesSet(Jndiobjectfactorybean.java:187)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.invokeInitMethods(AbstractAutowireCapablebeanfactory.java:1514)
at org.springframework.beans.factory.support.AbstractAutowireCapablebeanfactory.initializeBean(AbstractAutowireCapablebeanfactory.java:1452)
... 71 more
Caused by: java.sql.sqlException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:666)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:544)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getLogWriter(BasicDataSource.java:1064)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory.createDataSource(BasicDataSourceFactory.java:568)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory.getobjectInstance(BasicDataSourceFactory.java:240)
at org.apache.naming.factory.FactoryBase.getobjectInstance(FactoryBase.java:96)
at javax.naming.spi.NamingManager.getobjectInstance(NamingManager.java:321)
at org.apache.naming.NamingContext.lookup(NamingContext.java:839)
... 96 more
Caused by: java.sql.sqlRecoverableException: IO Error: Connection reset
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:467)
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:546)
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:236)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521)
at org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:55)
at org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:357)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:113)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:662)
... 103 more
Caused by: java.net.socketException: Connection reset
at java.net.socketInputStream.read(SocketInputStream.java:210)
at java.net.socketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:757)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at oracle.net.ns.Packet.send(Packet.java:403)
at oracle.net.ns.ConnectPacket.send(ConnectPacket.java:198)
at oracle.net.ns.nsprotocol.connect(nsprotocol.java:293)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1102)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:320)
... 111 more
她是来自 server.xml 的片段
<Resource auth="Container"
driverClassName="oracle.jdbc.driver.OracleDriver" initialSize="10"
jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.ConnectionState;org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer;org.apache.tomcat.jdbc.pool.interceptor.SlowQueryReportJmx(threshold=10000)"
jmxenabled="true" logAbandoned="true" maxActive="100" maxIdle="100"
maxWaitMillis="10000" minevictableIdleTimeMillis="30000" minIdle="10"
name="jdbc/abcDB" password="abc"
removeAbandonedOnMaintenance="true" removeAbandonedTimeout="7200"
testOnBorrow="true" testOnReturn="false" testWhileIdle="true"
timeBetweenevictionRunsMillis="5000" type="javax.sql.DataSource"
url="jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=Tcps)(HOST=abc-dev.abc.us-east-1.rds.amazonaws.com)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=abc)))"
username="abc" validationInterval="30000"
validationQuery="SELECT 1 FROM DUAL" />
当我添加调试时 -Djavax.net.debug=all
我在日志中看到了这个
RandomCookie: GMT: 1614618626 bytes = { 97,87,237,119,129,190,112,175,246,122,149,31,204,213,84,167,116,247,182,155,162,201,216,93,78,217,52,146 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves,curve names: {secp256r1,secp384r1,secp521r1,sect283k1,sect283r1,sect409k1,sect409r1,sect571k1,sect571r1,secp256k1}
Extension ec_point_formats,formats: [uncompressed]
Extension extended_master_secret
Extension server_name,server_name: [type=host_name (0),value=abc-dev.abc.us-east-1.rds.amazonaws.com]
***
[write] MD5 and SHA1 hashes: len = 185
0000: 01 00 00 B5 03 01 60 3D 20 02 61 57 ED 77 81 BE ......`= .aW.w..
0010: 70 AF F6 7A 95 1F CC D5 54 A7 74 F7 B6 9B A2 C9 p..z....T.t.....
0020: D8 5D 4E D9 34 92 00 00 2C C0 0A C0 14 00 35 C0 .]N.4...,.....5.
0030: 05 C0 0F 00 39 00 38 C0 09 C0 13 00 2F C0 04 C0 ....9.8...../...
0040: 0E 00 33 00 32 C0 08 C0 12 00 0A C0 03 C0 0D 00 ..3.2...........
0050: 16 00 13 00 FF 01 00 00 60 00 0A 00 16 00 14 00 ........`.......
0060: 17 00 18 00 19 00 09 00 0A 00 0B 00 0C 00 0D 00 ................
0070: 0E 00 16 00 0B 00 02 01 00 00 17 00 00 00 00 00 ................
0080: 38 00 36 00 00 33 73 68 6F 72 74 73 2D 64 65 76 8.6..abc-dev
0090: 2E 63 39 64 66 79 71 6A 6F 62 74 71 66 2E 75 73 .abc.us
00A0: 2D 65 61 73 74 2D 31 2E 72 64 73 2E 61 6D 61 7A -east-1.rds.amaz
00B0: 6F 6E 61 77 73 2E 63 6F 6D onaws.com
localhost-startStop-1,WRITE: TLSv1 Handshake,length = 185
[write] MD5 and SHA1 hashes: len = 122
0000: 01 03 01 00 51 00 00 00 20 00 C0 0A 07 00 C0 00 ....Q... .......
0010: C0 14 00 00 35 00 C0 05 00 C0 0F 00 00 39 00 00 ....5........9..
0020: 38 00 C0 09 06 00 40 00 C0 13 00 00 2F 00 C0 04 8.....@...../...
0030: 01 00 80 00 C0 0E 00 00 33 00 00 32 00 C0 08 00 ........3..2....
0040: C0 12 00 00 0A 07 00 C0 00 C0 03 02 00 80 00 C0 ................
0050: 0D 00 00 16 00 00 13 00 00 FF 60 3D 20 02 61 57 ..........`= .aW
0060: ED 77 81 BE 70 AF F6 7A 95 1F CC D5 54 A7 74 F7 .w..p..z....T.t.
0070: B6 9B A2 C9 D8 5D 4E D9 34 92 .....]N.4.
localhost-startStop-1,WRITE: SSLv2 client hello message,length = 122
[Raw write]: length = 124
0000: 80 7A 01 03 01 00 51 00 00 00 20 00 C0 0A 07 00 .z....Q... .....
0010: C0 00 C0 14 00 00 35 00 C0 05 00 C0 0F 00 00 39 ......5........9
0020: 00 00 38 00 C0 09 06 00 40 00 C0 13 00 00 2F 00 ..8.....@...../.
0030: C0 04 01 00 80 00 C0 0E 00 00 33 00 00 32 00 C0 ..........3..2..
0040: 08 00 C0 12 00 00 0A 07 00 C0 00 C0 03 02 00 80 ................
0050: 00 C0 0D 00 00 16 00 00 13 00 00 FF 60 3D 20 02 ............`= .
0060: 61 57 ED 77 81 BE 70 AF F6 7A 95 1F CC D5 54 A7 aW.w..p..z....T.
0070: 74 F7 B6 9B A2 C9 D8 5D 4E D9 34 92 t......]N.4.
localhost-startStop-1,handling exception: java.net.socketException: Connection reset
localhost-startStop-1,SEND TLSv1.2 ALERT: fatal,description = unexpected_message
localhost-startStop-1,WRITE: TLSv1.2 Alert,length = 2
localhost-startStop-1,Exception sending alert: java.net.socketException: broken pipe (Write Failed)
localhost-startStop-1,called closeSocket()
localhost-startStop-1,called close()
localhost-startStop-1,called closeInternal(true)
Mar 01,2021 12:10:26 PM org.apache.naming.NamingContext lookup
Mar 01,2021 12:10:26 PM org.apache.naming.NamingContext lookup
WARNING: Unexpected exception resolving reference
java.sql.sqlException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)
非常感谢任何帮助。
谢谢
解决方法
我能够通过将本地 tomcat lib 文件夹中的 ojdbc6.jar 更新为 ojdbc8.jar 来解决此问题/Users/dev/apache-tomcat-8.5.60/lib
谢谢大家
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。