我正在尝试连接到 AWS 的 oracle rds。它具有证书 rds-ca-2019,我已经为其生成了 clientkeystore.jks 并使用连接钱包,当我从 EC2 VM 运行它时,它能够建立连接。
但是,当我从 docker 容器运行它时,它不起作用。
它抛出一个错误:
SSLHandshakeException: The server selected protocol version TLS10 is not accepted by client preferences [TLS13, TLS12]
所以让它工作我提到:https ://aws.amazon.com/blogs/opensource/tls-1-0-1-1-changes-in-openjdk-and-amazon-corretto/
javax.net.ssl.SSLHandshakeException :客户端首选项不接受服务器选择的协议版本 TLS10 [TLS13,TLS12]
码头工人内容:
FROM ubuntu:21.04
RUN apt-get update && apt-get install openjdk-8-jre -y
COPY myjar-with-dependencies.jar /usr/app/app.jar
RUN mkdir -p /myfile/wallet
COPY cwallet.sso /myfile/wallet/cwallet.sso
RUN mkdir -p /myfile/certificates/
COPY clientkeystore.jks /myfile/certificates/clientkeystore.jks
RUN mkdir -p /myfile/tns
COPY *.ora /myfile/tns/
RUN mkdir -p /myfile/security
COPY custom.java.security /myfile/security
CMD java -jar /usr/app/app.jar \
-Doracle.net.tns_admin=/myfile/tns \
-Doracle.net.wallet_location="(SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=/myfile/wallet)))" \
-Doracle.net.ssl_server_dn_match=true \
-Doracle.net.SSL_CIPHER_SUITES="(SSL_RSA_WITH_AES_256_CBC_SHA)" \
-Doracle.net.SSL_CLIENT_AUTHENTICATION=false \
-Djava.security.properties=/myfile/security/custom.java.security
``
Do you have suggestions to make it work?