TCPS and SSLv2Hello

Thanks to platform independence, the same java code work on different platforms.


import java.util.Properties;
import java.security.Security;
import java.sql.*;
import javax.net.ssl.*;

public class KeyStore {
public static void main(String argv[])
throws SQLException {
String url="jdbc:oracle:thin:@(DESCRIPTION="+
"(ADDRESS=(PROTOCOL=TCPS)(Host=SRV01)("+
"Port=1521))(CONNECT_DATA=(SID=DB01)))";
Properties props = new Properties();
props.setProperty("user", "scott");
props.setProperty("password", "tiger");
props.setProperty("javax.net.ssl.trustStore",
"keystore.jks");
props.setProperty(
"javax.net.ssl.trustStoreType","JKS");
props.setProperty(
"javax.net.ssl.trustStorePassword","***");
DriverManager.registerDriver(
new oracle.jdbc.OracleDriver());
Connection conn =
DriverManager.getConnection(url, props);
ResultSet res = conn.prepareCall("select "+
"sys_context('USERENV','NETWORK_PROTOCOL"+
"') txt from dual").
executeQuery();
res.next();
System.out.println("PROTOCOL: "+
res.getString("TXT"));
}
}

The code above perfectly works with Linux and Windows.

Okay, in AIX you will get IllegalArgumentException SSLv2Hello at com.ibm.jsse2.sb.a if you don’t add

props.setProperty("oracle.net.ssl_version","3.0");

The default does not work with the Oracle AIX client. Just set it to 1.0 and 3.0 and you will be a bit less plateform-dependent

1 thought on “TCPS and SSLv2Hello

  1. Pingback: ssl version | Laurent Schneider

Comments are closed.