February 17, 2015 at 7:31 am
Hi all,
We have a Java servlet running on Tomcat and Windows and all database connections are encrypted using SSL. This works apart from a strange issue on one of the connections (SQL Server) which I do not understand. I am using WireShark to check the encryption is working but, whenever a new login is performed through the servlet, the FIRST data transfer for this particular connection is only partially encrypting, but if a second or third data transfer to this database connection is made under the same login the entire message is encrypted.
After the login all requests are handled through a token provided by Tomcat. The servlet also connects to an Oracle database which encrypts all the messages from the outset.
Why will the first data transfer only be partially encrypting? The client machine is not running a SQL Server client
Here is the JNDI entry in Tomcats context.xml file but obviously a few things amended to hide them
driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver"
factory="org.moss.jdj.dbcp.EncryptedDataSourceFactory" maxActive="100"
maxIdle="30" maxWait="10000" name="jdbc/connectionname"
password="*******" type="javax.sql.DataSource"
url="jdbc:sqlserver://databaseinstallname\db_instancename:2369;
databaseName=Images;encrypt=true;trustServerCertificate=true"
username="*******" />
Here is the entry in Tomcats server.xml file but again a few things amended to hide them
protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
maxThreads="150" minSpareThreads="25"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" KeyAlias="ows"
KeystoreFile="C:\SSLKeys\ows.key" KeystorePass="********" />
Thanks in advance
Regards
AJF
Viewing 0 posts
You must be logged in to reply to this topic. Login to reply