You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
However, it's not possible to keep the cipher tool encrypted clientCertificateKeyStorePassword as $secret{truststore_password} instead of a plain text password. When adding the encrypted password in the URL as follows, it fails with an error in the server startup or when calling the database operations.
Caused by: java.sql.SQLException: Driver:com.mysql.jdbc.Driver@1ff840c1 returned null for URL:wso2carbon at org.apache.tomcat.jdbc.pool.PooledConnection.connectUsingDriver(PooledConnection.java:338) at org.apache.tomcat.jdbc.pool.PooledConnection.connect(PooledConnection.java:212) at org.apache.tomcat.jdbc.pool.ConnectionPool.createConnection(ConnectionPool.java:744) at org.apache.tomcat.jdbc.pool.ConnectionPool.borrowConnection(ConnectionPool.java:676) at org.apache.tomcat.jdbc.pool.ConnectionPool.getConnection(ConnectionPool.java:198) at org.apache.tomcat.jdbc.pool.DataSourceProxy.getConnection(DataSourceProxy.java:131) at org.wso2.carbon.identity.core.persistence.JDBCPersistenceManager.getDBConnection(JDBCPersistenceManager.java:147) ... 32 more
Expected behavior:
JDBC URL should work with cipher tool encrypted clientCertificateKeyStorePassword.
Environment information
Product Version: [APIM 4.0.0]
Userstore: [JDBC]
Steps to Reproduce
Enable secure vault
Use the security place holder of the client trust store in the db connection url
Description
Description:
When we are connecting with JDBC databases and SSL is enabled, the JDBC URL is as follows.
jdbc:mysql://<IS_HOME>:3306/<DB_NAME>?useSSL=true&requireSSL=true&autoReconnect=true&clientCertificateKeyStoreUrl=file:./repository/resources/security/client-truststore.jks&clientCertificateKeyStorePassword=***********
However, it's not possible to keep the cipher tool encrypted clientCertificateKeyStorePassword as $secret{truststore_password} instead of a plain text password. When adding the encrypted password in the URL as follows, it fails with an error in the server startup or when calling the database operations.
url = "jdbc:mysql://$env{WSO2_DB_HOSTNAME}/apimgtdb?autoReconnect=true&useSSL=true&requireSSL=true&clientCertificateKeyStoreUrl=file:repository/resources/security/client-truststore.jks&clientCertificateKeyStorePassword=$secret{client_truststore_password}"
Caused by: java.sql.SQLException: Driver:com.mysql.jdbc.Driver@1ff840c1 returned null for URL:wso2carbon at org.apache.tomcat.jdbc.pool.PooledConnection.connectUsingDriver(PooledConnection.java:338) at org.apache.tomcat.jdbc.pool.PooledConnection.connect(PooledConnection.java:212) at org.apache.tomcat.jdbc.pool.ConnectionPool.createConnection(ConnectionPool.java:744) at org.apache.tomcat.jdbc.pool.ConnectionPool.borrowConnection(ConnectionPool.java:676) at org.apache.tomcat.jdbc.pool.ConnectionPool.getConnection(ConnectionPool.java:198) at org.apache.tomcat.jdbc.pool.DataSourceProxy.getConnection(DataSourceProxy.java:131) at org.wso2.carbon.identity.core.persistence.JDBCPersistenceManager.getDBConnection(JDBCPersistenceManager.java:147) ... 32 moreExpected behavior:
JDBC URL should work with cipher tool encrypted clientCertificateKeyStorePassword.
Environment information
Product Version: [APIM 4.0.0]
Userstore: [JDBC]
Steps to Reproduce
Affected Component
APIM
Version
4.0.0.302
Environment Details (with versions)
No response
Relevant Log Output
No response
Related Issues
wso2/product-is#14109
Suggested Labels
No response
The text was updated successfully, but these errors were encountered: