Comments - Maria DB Driver with AWS Aurora
Content reproduced on this site is the property of its respective owners,
and this content is not reviewed in advance by MariaDB. The views, information and opinions
expressed by this content do not necessarily represent those of MariaDB or any other party.
Complete stack trace:
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) [?:1.8.0_91] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) [?:1.8.0_91] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) [?:1.8.0_91] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509) [?:1.8.0_91] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) [?:1.8.0_91] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) [?:1.8.0_91] at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) [?:1.8.0_91] at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.handleConnectionPhases(AbstractConnectProtocol.java:738) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connect(AbstractConnectProtocol.java:453) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connect(AbstractConnectProtocol.java:414) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.protocol.AuroraProtocol.loop(AuroraProtocol.java:156) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.failover.impl.AuroraListener.reconnectFailedConnection(AuroraListener.java:207) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.failover.impl.MastersSlavesListener.initializeConnection(MastersSlavesListener.java:159) [mariadb-java-client-2.2.0.jar:?] ... 74 more Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) [?:1.8.0_91] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) [?:1.8.0_91] at sun.security.validator.Validator.validate(Validator.java:260) [?:1.8.0_91] at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) [?:1.8.0_91] at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) [?:1.8.0_91] at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:105) [?:1.8.0_91] at org.mariadb.jdbc.internal.protocol.tls.MariaDbX509TrustManager.checkServerTrusted(MariaDbX509TrustManager.java:208) [mariadb-java-client-2.2.0.jar:?] at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:922) [?:1.8.0_91] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491) [?:1.8.0_91] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) [?:1.8.0_91] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) [?:1.8.0_91] at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) [?:1.8.0_91] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) [?:1.8.0_91] at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.handleConnectionPhases(AbstractConnectProtocol.java:738) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connect(AbstractConnectProtocol.java:453) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connect(AbstractConnectProtocol.java:414) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.protocol.AuroraProtocol.loop(AuroraProtocol.java:156) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.failover.impl.AuroraListener.reconnectFailedConnection(AuroraListener.java:207) [mariadb-java-client-2.2.0.jar:?] at org.mariadb.jdbc.internal.failover.impl.MastersSlavesListener.initializeConnection(MastersSlavesListener.java:159) [mariadb-java-client-2.2.0.jar:?] ... 74 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) [?:1.8.0_91] at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) [?:1.8.0_91] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) [?:1.8.0_91] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) [?:1.8.0_91] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) [?:1.8.0_91] at sun.security.validator.Validator.validate(Validator.java:260) [?:1.8.0_91] at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) [?:1.8.0_91] at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) [?:1.8.0_91] at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:105) [?:1.8.0_91] at org.mariadb.jdbc.internal.protocol.tls.MariaDbX509TrustManager.checkServerTrusted(MariaDbX509TrustManager.java:208) [mariadb-java-client-2.2.0.jar:?] at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:922) [?:1.8.0_91] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491) [?:1.8.0_91] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) [?:1.8.0_91] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) [?:1.8.0_91] at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) [?:1.8.0_91]
I was thinking about Amazon certificate not following standard (https://jira.mariadb.org/browse/CONJ-511?focusedCommentId=99090&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-99090) but this is a new issue.
MariaDB java connector permits multi-certificate, so there is no reason for that kind of issue. If this still occur, can you create a JIRA issue (https://jira.mariadb.org/projects/CONJ/) that is the Bug tracker for java connector ?