连接 JDBC MS SQL Server 时证书不符合算法约束

Posted 2023-03-27

【中文标题】连接 JDBC MS SQL Server 时证书不符合算法约束

【英文标题】：Certificates does not conform to algorithm constraints when connecting to JDBC MS SQL Server

【发布时间】：2016-12-19 22:48:03

【问题描述】：

我正在尝试将我的 Spring 应用程序连接到 Microsoft SQL Server 数据库，但出现以下错误：

Request processing failed; nested exception is org.springframework.transaction.CannotCreateTransactionException: Could not open JPA EntityManager for transaction; nested exception is org.hibernate.exception.JDBCConnectionException: Unable to acquire JDBC Connection] with root cause
 java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

我已经尝试将 JDK 的 certpath 设置删除为空白，例如：jdk.certpath.disabledAlgorithms=

这是我的配置：

@Configuration
@EnableJpaRepositories("com.abc.cet.eai.repository.sql")
@PropertySource("classpath:eai.application.properties")
public class JpaConfig 

    @Bean
    public DataSource dataSource() 
        SQLServerDataSource dataSource = new SQLServerDataSource();
        dataSource.setServerName("SERVERNAME");
        dataSource.setUser("USERNAME");
        dataSource.setPassword("PASSWORD");
        dataSource.setDatabaseName("DATABASE_NAME");
        return dataSource;
    

    @Bean
    public LocalContainerEntityManagerFactoryBean entityManagerFactory() 
        LocalContainerEntityManagerFactoryBean factory = new LocalContainerEntityManagerFactoryBean();
        factory.setPackagesToScan("com.abc.cet.eai.domain");
        factory.setDataSource(dataSource());
        JpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter();
        factory.setJpaVendorAdapter(vendorAdapter);
        factory.setJpaProperties(additionalProperties());

        return factory;
    

    @Bean
    public PlatformTransactionManager transactionManager() 
        JpaTransactionManager txManager = new JpaTransactionManager();
        txManager.setEntityManagerFactory(entityManagerFactory().getObject());
        return txManager;
    

    public Properties additionalProperties() 
        Properties properties = new Properties();
        properties.setProperty("hibernate.dialect", "org.hibernate.dialect.SQLServer2008Dialect");
        return properties;
    

有没有人解决过类似的问题？

【参考方案1】：

您遇到的问题与我在WAGON-470 中遇到的问题基本相同。使用 MD5 创建的证书被现代 Java 拒绝。您应该检查证书本身、服务器提供的密码并启用 JSSE 调试选项。您可能需要使用更安全的方法（如 SHA256）更新/交换您的证书。