在工作中,我正在尝试使Tomcat 8.5.34应用程序使用Oracle Wallet通过TCPS连接到Oracle DB 12.2.0.1。
我遵循了许多不同的指导,并进行了以下操作:
在catalina lib /文件夹中添加了oraclepki.jar,ojdbc8.jar,osdt_core.jar和osdt_core.jar。
修改了java.security提供程序,使其在列出的提供程序底部包括oracle.security.pki.OraclePKIProvider。
我将JNDI连接器配置为通过别名连接到数据库。
在Tomcat的setenvs.sh中,添加了以下内容:
-Doracle.net.tns_admin=< wallet files location with tnsora>
-Doracle.net.wallet_location="(SOURCE=(METHOD=FILE) (METHOD_DATA = (DIRECTORY=< wallet files location with tnsora>)))"
然而,日志说:
Caused by: oracle.net.ns.NetException: Unable to initialize the key store.
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:642)
at oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:547)
... 41 more
Caused by: java.security.KeyStoreException: SSO not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:628)
... 42 more
Caused by: java.security.NoSuchAlgorithmException: SSO KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 43 more
奇怪的是,我用Java编写了一个快速测试应用程序,该应用程序成功地实现了连接!
java -Doracle.net.tns_admin="< wallet files location with tnsora>" -Doracle.net.wallet_location="(SOURCE=(METHOD=FILE) (METHOD_DATA = (DIRECTORY=< wallet files location with tnsora>)))" -cp ./lib/ojdbc8.jar:/root:./lib/oraclepki.jar:./lib/osdt_core.jar:./lib/osdt_cert.jar DataSourceSample
AArray = [B@6328d34a
AArray = [B@145eaa29
AArray = [B@15bb6bea
AArray = [B@52aa2946
AArray = [B@4de5031f
AArray = [B@67e2d983
Driver Name: Oracle JDBC driver
Driver Version: 12.2.0.1.0
Default Row Prefetch Value is: 20
Database Username is:
....
....
Results
我没有所有可能的选择。
**更新1 **
我在Tomcat上运行了。 我可以确认Tomcat确实看到了钱包文件:
[pid 21880] lstat(“ / cwallet.sso”,{st_mode = S_IFREG | 0700,st_size = 4741,...})= 0 [pid 21880] stat(“ / cwallet.sso.lck”,{st_mode = S_IFREG | 0600,st_size = 0,...})= 0 [pid 21880] stat(“ / oracle_wallets / cwallet.sso.lck”,{st_mode = S_IFREG | 0600,st_size = 0,...})= 0 [ pid 21880] stat(“ / cwallet.sso.lck”,{st_mode = S_IFREG | 0600,st_size = 0,...})= 0 [pid 21880] chmod(“ / cwallet.sso.lck”,0100200)= 0