Fatal编程技术网
  • amazon-web-services/
  • Amazon web services Amazon 500150错误设置关闭连接常规SSLEngine

Amazon web services Amazon 500150错误设置关闭连接常规SSLEngine

amazon-web-services ssl amazon-redshift

Amazon web services Amazon 500150错误设置关闭连接常规SSLEngine,amazon-web-services,ssl,amazon-redshift,Amazon Web Services,Ssl,Amazon Redshift,在连接到亚马逊红移时,我发现以下错误: 2016-04-14 13:49:30 ERROR SQL Exception when connecting [Amazon](500150) Error setting/closing connection: General SSLEngine problem. java.sql.SQLException: [Amazon](500150) Error setting/closing connection: General SSLEngine prob

在连接到亚马逊红移时,我发现以下错误:

2016-04-14 13:49:30 ERROR SQL Exception when connecting [Amazon](500150) Error setting/closing connection: General SSLEngine problem.
java.sql.SQLException: [Amazon](500150) Error setting/closing connection: General SSLEngine problem.
    at workbench.db.DbDriver.connect(DbDriver.java:546)
    at workbench.db.ConnectionMgr.connect(ConnectionMgr.java:244)
    at workbench.db.ConnectionMgr.getConnection(ConnectionMgr.java:172)
    at workbench.gui.components.ConnectionSelector.doConnect(ConnectionSelector.java:227)
    at workbench.gui.components.ConnectionSelector$1.run(ConnectionSelector.java:131)
Caused by: java.sql.SQLException: [Amazon](500150) Error setting/closing connection: General SSLEngine problem.
    at com.amazon.redshift.client.PGClient.<init>(Unknown Source)
    at com.amazon.redshift.core.PGJDBCConnection.connect(Unknown Source)
    at com.amazon.jdbc.common.BaseConnectionFactory.doConnect(Unknown Source)
    at com.amazon.jdbc.common.AbstractDriver.connect(Unknown Source)
    at workbench.db.DbDriver.connect(DbDriver.java:513)
    at workbench.db.ConnectionMgr.connect(ConnectionMgr.java:244)
    at workbench.db.ConnectionMgr.getConnection(ConnectionMgr.java:172)
    at workbench.gui.components.ConnectionSelector.doConnect(ConnectionSelector.java:227)
尝试以下方法

基于环境变量Java_HOME的Java安装运行keystorekeytool(您可能有多个Java安装,所以只需使用默认值)。使用JRE附带的默认cacerts密钥库,其密码为“changeit”。你需要下载

然后安装证书,例如:

C:\Program Files\Java\jdk1.8.0_25\jre\bin>keytool.exe -keystore "C:\Program Files\Java\jdk1.8.0_25\jre\lib\security\cacerts" -import -alias redshift -file redshift-ssl-ca-cert.pem
它会提示您输入密码(“changeit”),然后会说已经添加了密钥。如果失败,可能是因为您不是管理员用户,因此如果在linux中使用sudo或在windows中以管理员身份打开命令窗口

使用cacerts密钥库和上面输入的密码启动MYSQL Workbench,例如:

C:\apps\SQL-Workbench-Build118>java -Djavax.net.ssl.trustStore="C:\Program Files\Java\jdk1.8.0_25\jre\lib\security\cacerts" -Djavax.net.ssl.trustStorePassword=changeit -jar sqlworkbench.jar
您应该能够使用上面的URL,现在应该可以使用了。

当我在databricks论坛上遵循cfregly给出的解决方案时,它对我起到了作用。请遵循此解决方案的以下URL:

请尝试在连接URL字符串中添加sslfactory值,如下所示-这可能有效

ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory

请在没有服务器证书的情况下添加以下内容

ssl=true&sslfactory=com.amazon.redshift.ssl.NonValidatingFactory
以下是sslfactory的可能值

com.amazon.redshift.ssl.NonValidatingFactory
org.postgresql.ssl.NonValidatingFactory
请看

你能再解释一下吗?是的。我已更新了问题的详细信息。此解决方案对我有效。我有一些确切的问题,当我添加“&sslfactory=org.postgresql.ssl.NonValidatingFactory shareeditflag”时,我能够连接到红移DWF注意,这会产生一个潜在的安全问题,因为您(客户端)不再验证服务器的标识。此解决方案也适用于Jetbrains IDE的数据源连接。在IDE的“数据源和驱动程序”部分中的红移驱动程序的“高级”选项卡下编辑这些值 
com.amazon.redshift.ssl.NonValidatingFactory
org.postgresql.ssl.NonValidatingFactory