我们将我们的 java 应用程序部署在 WebSphere Application server(8.5.5.12) 中,使用 IBM SDK 8.0.5.17,后端数据库为 oracle (12.1.0.2.0)。我们现在正在尝试加密 WebSphere Application 和数据库之间的数据。我们已按照以下链接https://www.ibm.com/developerworks/community/blogs/d89a3ddf-2acf-4cc8-b11b-14f33b5c653e/entry/Configuring_Secure_Socket_Layer_SSL_communication_between_the_OpenPages_application_server_WebSphere_and_the_Oracle_database?lang=en中记录的确切步骤操作数据源连接出现以下错误
java.sql.SQLRecoverableException:IO 错误:java.lang.RuntimeException:意外错误:java.security.InvalidAlgorithmParameterException:trustAnchors 参数必须为非空 DSRA0010E:SQL 状态 = 08006,错误代码 = 17,002。
相同的配置适用于 IBM SDK 版本 7 (7.0.4.1),但不适用于 IBM SDK 8,是否有人遇到过类似的问题,或者您是否看到任何已知问题使用 IBM SDK 8 配置 SSL。还复制了 ssl 调试日志
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at com.ibm.jsse2.k.a(k.java:24)
at com.ibm.jsse2.at.a(at.java:572)
at com.ibm.jsse2.at.a(at.java:387)
at com.ibm.jsse2.at.a(at.java:338)
at com.ibm.jsse2.at.a(at.java:733)
at com.ibm.jsse2.i.write(i.java:8)
at oracle.net.ns.Packet.send(Packet.java:419)
at oracle.net.ns.ConnectPacket.send(ConnectPacket.java:241)
at oracle.net.ns.NSProtocolStream.negotiateConnection(NSProtocolStream.java:157)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:264)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1452)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:496)
... 105 more
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at com.ibm.jsse2.util.f.<init>(f.java:50)
at com.ibm.jsse2.util.e.a(e.java:18)
at com.ibm.jsse2.aB.a(aB.java:21)
at com.ibm.jsse2.aB.a(aB.java:185)
at com.ibm.jsse2.aB.a(aB.java:137)
at com.ibm.jsse2.aB.checkServerTrusted(aB.java:49)
at com.ibm.jsse2.E.a(E.java:166)
at com.ibm.jsse2.E.a(E.java:121)
at com.ibm.jsse2.D.r(D.java:223)
at com.ibm.jsse2.D.a(D.java:198)
at com.ibm.jsse2.at.a(at.java:649)
at com.ibm.jsse2.at.i(at.java:627)
at com.ibm.jsse2.at.a(at.java:310)
at com.ibm.jsse2.i.write(i.java:3)
... 111 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:300)
at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:142)
at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:99)
at com.ibm.jsse2.util.f.<init>(f.java:106)
... 124 more
: {2}.
[6/12/19 6:24:54:097 EDT] 00000098 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /u01/IBM/WebSphere/AppServer/profiles/manuonsite1/logs/ffdc/manuonsite1was_srv_2293118f_19.06.12_06.24.54.0822519622081070003296.txt com.ibm.ws.management.AdminServiceImpl.invoke 679
[6/12/19 6:24:54:098 EDT] 00000098 MBeanHelper E Could not invoke an operation on object: WebSphere:name=DataSourceCfgHelper,process=manuonsite1was_srv,platform=dynamicproxy,node=awscentosNode03,version=8.5.5.12,type=DataSourceCfgHelper,mbeanIdentifier=DataSourceCfgHelper,cell=awscentosNode03Cell,spec=1.0 because of an mbean exception: java.sql.SQLRecoverableException: IO Error: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty DSRA0010E: SQL State = 08006, Error Code = 17,002
[6/12/19 6:24:54:389 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:394 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 16384
[6/12/19 6:24:54:394 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:399 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 16384
[6/12/19 6:24:54:399 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:401 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 323
[6/12/19 6:24:54:401 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:406 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 16384
[6/12/19 6:24:54:406 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:408 EDT] 000000a0 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:409 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:410 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 16384
[6/12/19 6:24:54:410 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:412 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 8
[6/12/19 6:24:54:412 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:414 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 5276
[6/12/19 6:24:54:416 EDT] 00000098 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:417 EDT] 00000098 SystemOut O WebContainer : 1, WRITE: TLSv1.2 Application Data, length = 5
[6/12/19 6:24:54:444 EDT] 000000a0 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:451 EDT] 000000a0 SystemOut O WebContainer : 6, WRITE: TLSv1.2 Application Data, length = 16384
[6/12/19 6:24:54:451 EDT] 000000a0 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:458 EDT] 000000a0 SystemOut O WebContainer : 6, WRITE: TLSv1.2 Application Data, length = 16384
[6/12/19 6:24:54:458 EDT] 000000a0 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:459 EDT] 000000a0 SystemOut O WebContainer : 6, WRITE: TLSv1.2 Application Data, length = 281
[6/12/19 6:24:54:460 EDT] 000000a0 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:466 EDT] 000000a0 SystemOut O WebContainer : 6, WRITE: TLSv1.2 Application Data, length = 15563
[6/12/19 6:24:54:467 EDT] 000000a0 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:468 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:469 EDT] 000000a0 SystemOut O WebContainer : 6, WRITE: TLSv1.2 Application Data, length = 5
[6/12/19 6:24:54:469 EDT] 000000a1 SystemOut O WebContainer : 7, WRITE: TLSv1.2 Application Data, length = 398
[6/12/19 6:24:54:475 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:488 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:491 EDT] 000000a1 SystemOut O WebContainer : 7, WRITE: TLSv1.2 Application Data, length = 9328
[6/12/19 6:24:54:494 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:506 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:511 EDT] 000000a1 SystemOut O WebContainer : 7, WRITE: TLSv1.2 Application Data, length = 16384
[6/12/19 6:24:54:511 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:513 EDT] 000000a1 SystemOut O WebContainer : 7, WRITE: TLSv1.2 Application Data, length = 4956
[6/12/19 6:24:54:516 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:529 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:531 EDT] 000000a1 SystemOut O WebContainer : 7, WRITE: TLSv1.2 Application Data, length = 5753
[6/12/19 6:24:54:552 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:578 EDT] 000000a1 ServletWrappe I com.ibm.ws.webcontainer.servlet.ServletWrapper init SRVE0242I: [isclite] [/ibm/console] [/secure/javascriptToSession.jsp]: Initialization successful.
[6/12/19 6:24:54:579 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:580 EDT] 000000a1 SystemOut O WebContainer : 7, WRITE: TLSv1.2 Application Data, length = 284
[6/12/19 6:24:54:581 EDT] 000000a1 SystemOut O CipherBox: Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
[6/12/19 6:24:54:582 EDT] 000000a1 SystemOut O WebContainer : 7, WRITE: TLSv1.2 Application Data, length = 5
[6/12/19 6:24:54:637 EDT] 0000005a SystemOut O SSLv3 protocol was requested but was not enabled
[6/12/19 6:24:54:643 EDT] 0000005b SystemOut O SSLv3 protocol was requested but was not enabled
[6/12/19 6:24:59:643 EDT] 0000005a SystemOut O SSLv3 protocol was requested but was not enabled
[6/12/19 6:24:59:648 EDT] 0000005b SystemOut O SSLv3 protocol was requested but was not enabled
[6/12/19 6:25:04:648 EDT] 0000005a SystemOut O SSLv3 protocol was requested but was not enabled
[6/12/19 6:25:04:653 EDT] 0000005b SystemOut O SSLv3 protocol was requested but was not enabled
[6/12/19 6:25:09:654 EDT] 0000005a SystemOut O SSLv3 protocol was requested but was not enabled
[6/12/19 6:25:09:658 EDT] 0000005b SystemOut O SSLv3 protocol was requested but was not enabled