突然我在尝试从DB2驱动程序中的某个位置从自动配置的Liberty服务器访问dashDb时收到SSL错误消息。我在已部署的文件中验证了默认密钥库已自动配置到liberty服务器中。访问dashDB数据源时Bluemix liberty运行时握手失败
这里发生了什么?
java.security.cert.CertPathValidatorException: The certificate issued by CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US is not trusted; internal cause is:
[ERROR ] CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN CN=*.services.dal.bluemix.net, O=International Business Machines Corporation, L=Armonk, ST=New York, C=US was sent from the target host. The signer might need to be added to local trust store /home/vcap/app/wlp/usr/servers/BluemixServer/resources/security/key.jks, located in SSL configuration alias defaultSSLConfig. The extended error message from the SSL handshake exception is: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is
[err] java.sql.SQLNonTransientException: [jcc][t4][2030][11211][4.19.49] A communication error occurred during operations on the connection's underlying socket, socket input stream,
or socket output stream. Error location: Reply.fill() - socketInputStream.read (-1). Message: java.security.cert.CertificateException: PKIXCertPathBuilderImpl could not build a valid CertPath.. ERRORCODE=-4499, SQLSTATE=08001 DSRA0010E: SQL State = 08001, Error Code = -4,499
[err] at com.ibm.db2.jcc.am.kd.a(Unknown Source)
谢谢。这个影响是否通知过?只是为了检查为什么我错过了这个:) – jeet
在Bluemix状态页面上发布了一条通知。 https://status.ng.bluemix.net/ 2017年3月8日上午10:33更新dashDB服务 更新描述:用于Analytics Entry和SMP服务的IBM dashDB将进行定期维护。在此维护时段期间,将对dashDB服务的最新更新应用于可靠性,功能增强和安全性。 – ValerieLampkin