I am trying to configure Tomcat 8.5.32 to connect to a 12.1.0.2 Oracle database using SSL, the JDBC thin driver (ojdbc8.jar) and login credentials from the Oracle wallet on AIX 7.2 using IBM Java 1.8.0. I am receiving the error "NoSuchAlgorithmException: SSO KeyStore not available" when specifying the wallet location using "-Doracle.net.wallet_location='(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/u01/projects/oracle/wallet)))'". Any help would be greatly appreciated.
Successful Test using “ORCLSSL” wallet credentials with SQLPlus:
[utinip88]PTAPP:/home/phimtwas/sql > sqlplus scott/tiger@ORCLSSL
SQL*Plus: Release 12.1.0.2.0 Production on Wed Aug 22 09:43:44 2018
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Last Successful login time: Wed Aug 22 2018 09:43:13 -05:00
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, Oracle Label Security, OLAP, Advanced Analytics
and Real Application Testing options
SQL> select sys_context('USERENV','network_protocol') from dual;
SYS_CONTEXT('USERENV','NETWORK_PROTOCOL')
--------------------------------------------------------------------------------
tcps
I can successfully start Tomcat using the following JDBC resource definition (context.xml):
<Resource name="jdbc/HADB"
auth="Container"
type="javax.sql.DataSource"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
testWhileIdle="true"
testOnBorrow="true"
testOnReturn="false"
validationQuery="SELECT 1 FROM DUAL"
validationInterval="3000"
timeBetweenEvictionRunsMillis="3000"
maxActive="100"
minIdle="10"
maxWait="10000"
initialSize="10"
removeAbandonedTimeout="60"
removeAbandoned="true"
logAbandoned="false"
minEvictableIdleTimeMillis="30000"
jmxEnabled="true"
jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer"
driverClassName="oracle.jdbc.driver.OracleDriver"
url="jdbc:oracle:thin:@ORCLSSL"
username="scott"
password="tiger"
/>
… and environment (setenv.sh)
JAVA_HOME=/u01/java8/usr/java8_64/jre
export JAVA_HOME
JAVA_OPTS="$JAVA_OPTS
-Xms1g
-Xmx5g
-XX:NewSize=1g
-DamCryptoDescriptor.provider=IBMJCE
-DamKeyGenDescriptor.provider=IBMJCE
-Dopenam.agents.bootstrap.dir=/u01/projects/cacagent/j2ee_agents/tomcat_v6_agent/Agent_001/config
-Doracle.net.tns_admin=/u01/projects/oracle/wallet
-Djavax.net.ssl.trustStore=/u01/projects/oracle/wallet/ewalletT.jks
-Djavax.net.ssl.trustStoreType=JKS
-Djavax.net.ssl.trustStorePassword='<password>'
-Djavax.net.ssl.keyStore=/u01/projects/oracle/wallet/ewalletK.jks
-Djavax.net.ssl.keyStoreType=JKS
-Djavax.net.ssl.keyStorePassword='<password>'
-Dpage.message.appTitle='ProdTest'"
However, specifying the Oracle wallet location as follows in an attempt to authenticate using the username/password in the wallet (the only change here is to add this to the setenv.sh):
-Doracle.net.wallet_location='(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/u01/projects/oracle/wallet)))'
… produces the following error:
22-Aug-2018 10:08:48.855 WARNING [localhost-startStop-1] org.apache.naming.NamingContext.lookup Unexpected exception resolving reference
java.sql.SQLRecoverableException: IO Error: The Network Adapter could not establish the connection
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:774)
at oracle.jdbc.driver.PhysicalConnection.connect(PhysicalConnection.java:688)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:39)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:691)
at org.apache.tomcat.jdbc.pool.PooledConnection.connectUsingDriver(PooledConnection.java:319)
at org.apache.tomcat.jdbc.pool.PooledConnection.connect(PooledConnection.java:212)
at org.apache.tomcat.jdbc.pool.ConnectionPool.createConnection(ConnectionPool.java:736)
at org.apache.tomcat.jdbc.pool.ConnectionPool.borrowConnection(ConnectionPool.java:668)
at org.apache.tomcat.jdbc.pool.ConnectionPool.init(ConnectionPool.java:483)
at org.apache.tomcat.jdbc.pool.ConnectionPool.<init>(ConnectionPool.java:154)
at org.apache.tomcat.jdbc.pool.DataSourceProxy.pCreatePool(DataSourceProxy.java:118)
at org.apache.tomcat.jdbc.pool.DataSourceProxy.createPool(DataSourceProxy.java:107)
at org.apache.tomcat.jdbc.pool.DataSourceFactory.createDataSource(DataSourceFactory.java:560)
at org.apache.tomcat.jdbc.pool.DataSourceFactory.getObjectInstance(DataSourceFactory.java:244)
at org.apache.naming.factory.FactoryBase.getObjectInstance(FactoryBase.java:94)
at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:332)
at org.apache.naming.NamingContext.lookup(NamingContext.java:839)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:173)
at org.apache.naming.SelectorContext.lookup(SelectorContext.java:163)
at javax.naming.InitialContext.lookup(InitialContext.java:428)
at net.bull.javamelody.JdbcWrapperHelper.getJndiDataSourcesAt(JdbcWrapperHelper.java:196)
at net.bull.javamelody.JdbcWrapperHelper.getJndiDataSources(JdbcWrapperHelper.java:156)
at net.bull.javamelody.JdbcWrapper.rebindDataSources(JdbcWrapper.java:443)
at net.bull.javamelody.FilterContext.<init>(FilterContext.java:83)
at net.bull.javamelody.MonitoringFilter.init(MonitoringFilter.java:112)
at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:285)
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:266)
at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4637)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5282)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:754)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:730)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:985)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1857)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:522)
at java.util.concurrent.FutureTask.run(FutureTask.java:277)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1153)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.lang.Thread.run(Thread.java:785)
Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:523)
at oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:521)
at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:660)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:286)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1438)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:518)
... 46 more
Caused by: oracle.net.ns.NetException: Unable to initialize ssl context.
at oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:564)
at oracle.net.nt.TcpsNTAdapter.connect(TcpsNTAdapter.java:143)
at oracle.net.nt.ConnOption.connect(ConnOption.java:161)
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:470)
... 51 more
Caused by: oracle.net.ns.NetException: Unable to initialize the key store.
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:642)
at oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:547)
... 54 more
Caused by: java.security.KeyStoreException: SSO not found
at java.security.KeyStore.getInstance(KeyStore.java:862)
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:628)
... 55 more
Caused by: java.security.NoSuchAlgorithmException: SSO KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)
at java.security.Security.getImpl(Security.java:706)
at java.security.KeyStore.getInstance(KeyStore.java:859)
... 56 more
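
The innermost cause in the trace above is `KeyStore.getInstance` finding no registered security provider for the `SSO` keystore type. The following diagnostic is an added example, not part of the original post: it lists the JVM's providers and reports which one, if any, serves `SSO`. The class name `oracle.security.pki.OraclePKIProvider` and its packaging in `oraclepki.jar` are assumptions about Oracle's PKI library, and `SsoKeyStoreCheck` is a hypothetical name.

```java
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;

// Added diagnostic (not from the original post). Run it with the same JRE and
// classpath that Tomcat uses, e.g. the JAVA_HOME set in setenv.sh.
public class SsoKeyStoreCheck {

    // Assumption: provider class shipped in Oracle's oraclepki.jar.
    static final String ORACLE_PKI = "oracle.security.pki.OraclePKIProvider";

    // Name of the first registered provider implementing KeyStore.<type>, or null.
    static String providerFor(String type) {
        for (Provider p : Security.getProviders()) {
            if (p.getService("KeyStore", type) != null) {
                return p.getName();
            }
        }
        return null;
    }

    // Registers the provider if its class is loadable; false when it is not on the classpath.
    static boolean tryRegister(String className) {
        try {
            Object o = Class.forName(className).getDeclaredConstructor().newInstance();
            Security.addProvider((Provider) o);
            return true;
        } catch (ReflectiveOperationException | LinkageError | ClassCastException e) {
            System.out.println("cannot load " + className + ": " + e);
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("java.home = " + System.getProperty("java.home"));
        for (Provider p : Security.getProviders()) {
            System.out.println("provider: " + p.getName() + " " + p.getVersion());
        }
        System.out.println("JKS served by: " + providerFor("JKS"));
        System.out.println("SSO served by: " + providerFor("SSO"));
        if (providerFor("SSO") == null && tryRegister(ORACLE_PKI)) {
            System.out.println("SSO after registering " + ORACLE_PKI + ": " + providerFor("SSO"));
        }
        // Same call that fails in the trace; throws KeyStoreException if still unavailable.
        KeyStore ks = KeyStore.getInstance("SSO");
        System.out.println("KeyStore.getInstance(\"SSO\") -> " + ks.getProvider().getName());
    }
}
```

If `SSO served by` prints `null` under the JRE that Tomcat runs on, that JVM has no provider for the wallet's keystore type, which matches the `NoSuchAlgorithmException` at the bottom of the trace.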