marklogic-community / ml-jdbc-driver

Making JDBC connections to MarkLogic SQL/ODBC Server

Using client certs to authenticate #25

Open grtjn opened 1 year ago

grtjn commented 1 year ago

I am trying to use DBeaver to set up a connection to an ODBC server. Using a non-ssl-enabled port works fine. Using an ssl-enabled port works fine too, even with verify-ca. Using a client cert to log in fails, however. I keep getting the message that I am not providing a valid password (which I left blank intentionally). Looking at the code of mljdbc, I wonder if using client certs to authenticate is supported at all. Does anyone know?

https://developer.marklogic.com/code/jdbc/#authentication provides good detail on how to set up an SSL connection to an ODBC app server with SSL enabled, but doesn't go as far as telling whether using client certs to authenticate is possible, and if so, how. I was told by Support, however, to have a look here: https://www.postgresql.org/docs/10/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT. That page speaks about sslcert and sslkey properties, which are easily configured in DBeaver, which is showing a nice list of Driver properties to pick from.

PS: the link to https://basildoncoder.com/blog/postgresql-jdbc-client-certificates.html on the mentioned DMC page is dead..

bobstarbird commented 1 year ago

I have not tried it (yet). Maybe the following information might be useful:

The documentation for the Postgres JDBC driver SSL is here: https://jdbc.postgresql.org/documentation/ssl/

The community version of the ML JDBC driver is older than this documentation.

https://jdbc.postgresql.org/documentation/use/#connection-parameters/

sslrootcert=

or possibly using Java trust store configuration:

-Djavax.net.ssl.keyStore=/path/to/local.keystore -Djavax.net.ssl.keyStorePassword=changeme -Djavax.net.ssl.trustStore=/path/to/local.keystore -Djavax.net.ssl.trustStorePassword=changeme -Djavax.net.ssl.keyStoreType=JKS

-- Robert Starbird Software Professional Services Cell: (781) 548-9427 @.*** http://www.linkedin.com/in/robertstarbird

bobstarbird commented 1 year ago

The README https://github.com/marklogic-community/ml-jdbc-driver shows an example of 1-way authentication:

jdbc:marklogic://localhost:8077/?ssl=true&sslfactory=org.postgresql.ssl.jdbc4.LibPQFactory&sslmode=verify-ca&sslrootcert=certificate.crt&loggerLevel=TRACE

I believe 2-way mutual authentication should be possible with the additional parameters: &sslcert= &sslkey=

grtjn commented 1 year ago

Yes, I have all of that.. ssl=true, sslfactory=org.postgresql.ssl.jdbc4.LibPQFactory, sslmode=verify-ca, sslrootcert=ca-bundle.crt, and sslcert and sslkey are pointing to a .crt and .key pair for a MarkLogic user (some svc_datahub user). I am getting 'ERROR: XDMP-INTERNAL: Internal error: Unauthorized user' however.

Looking at the trace log, I see it tries to login with 'josten' (which is my username on my Windows laptop, not the sslcert name), and that it seems to go into the function to attempt user/pwd authentication. That made me look at the code, and I could not see logic to authenticate using sslkey/cert, hence my question if that ought to work or not..
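
As an added example (not part of the thread and not code from the ml-jdbc-driver project), the following Java program checks a jdbc:marklogic:// URL for the TLS parameter set discussed above. It only inspects the URL and does not establish whether the driver supports client-certificate login; the file names client.crt and client.key are placeholders.

```java
import java.util.*;

// Added example: lints a jdbc:marklogic:// URL for the TLS parameters named in this thread.
public class MtlsUrlCheck {

    // Splits the query string of the JDBC URL into key/value pairs.
    static Map<String, String> params(String url) {
        Map<String, String> out = new LinkedHashMap<>();
        int q = url.indexOf('?');
        if (q < 0) return out;
        for (String pair : url.substring(q + 1).split("&")) {
            if (pair.isEmpty()) continue;
            int eq = pair.indexOf('=');
            String k = eq < 0 ? pair : pair.substring(0, eq);
            String v = eq < 0 ? "" : pair.substring(eq + 1);
            out.put(k.trim(), v.trim());
        }
        return out;
    }

    // Returns one finding per gap between the URL and a 2-way TLS setup.
    static List<String> findings(String url) {
        Map<String, String> p = params(url);
        List<String> f = new ArrayList<>();
        if (!"true".equals(p.get("ssl"))) f.add("ssl=true missing: connection is not encrypted");
        String mode = p.getOrDefault("sslmode", "");
        if (!mode.equals("verify-ca") && !mode.equals("verify-full"))
            f.add("sslmode='" + mode + "' does not validate the server certificate");
        boolean cert = !p.getOrDefault("sslcert", "").isEmpty();
        boolean key = !p.getOrDefault("sslkey", "").isEmpty();
        if (cert != key) f.add("sslcert and sslkey must be set together");
        if (!cert && !key) f.add("no client certificate: 1-way TLS only");
        // The trace described in the thread showed the OS account name being sent.
        if (cert && key && p.getOrDefault("user", "").isEmpty())
            f.add("no user in URL (it may be supplied as a connection property instead)");
        return f;
    }

    public static void main(String[] args) {
        // 1-way URL from the README, as quoted in the thread.
        String oneWay = "jdbc:marklogic://localhost:8077/?ssl=true"
                + "&sslfactory=org.postgresql.ssl.jdbc4.LibPQFactory"
                + "&sslmode=verify-ca&sslrootcert=certificate.crt&loggerLevel=TRACE";
        // Constructed 2-way variant; client.crt and client.key are placeholder names.
        String twoWay = oneWay + "&sslcert=client.crt&sslkey=client.key";
        for (String url : Arrays.asList(oneWay, twoWay)) {
            System.out.println(url);
            findings(url).forEach(x -> System.out.println("  - " + x));
        }
    }
}
```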