Encrypted Connection to Oracle DB

Jason67 · April 9, 2014, 10:17pm

I recently installed OpenFire to test functionality and so far so good. However we have a desire to encrypt the communications between the OpenFire server and the Oracle database we are using on the back end. The installation was setup with the Oracle Thin Client using the @/servername:port/service syntax as specified in the OpenFire documentation. This worked perfectly for establishing an unencrypted connection, but now we want to try using an encrypted connection to the database. According to an April 2010 whitepaper on the Oracle JDBC Thin driver the JDBC URL must ust the “tcps” protocol in order to activate SSL and it provides the following example:

jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps) (HOST=servername) (PORT=2484)) (CONECT_DATA=(SERVICE_NAME=servicename)))

Unfortunately, OpenFire does not support this type of entry. Anyone know if there is another way to configure encryption between OpenFire and an Oracle Database?

LG1 · April 10, 2014, 5:24am

Do you get an error message after putting this in openfire.xml and starting Openfire?

Jason67 · April 10, 2014, 4:26pm

Updating the openfire.xml file directly results in the following error being listed in stderror:

Database setup or configuration error: Please verify your database settings and check the logs/error.log file for detailed error messages.

java.lang.IllegalArgumentException: java.sql.SQLException: ConnectionManager.getConnection() failed to obtain a connection after 11 retries. The exception from the last attempt is as follows: java.sql.SQLRecoverableException: IO Error: NL Exception was generated

at org.jivesoftware.openfire.XMPPServer.verifyDataSource(XMPPServer.java:770)

at org.jivesoftware.openfire.XMPPServer.start(XMPPServer.java:486)

at org.jivesoftware.openfire.XMPPServer.(XMPPServer.java:216)

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)

at sun.refelct.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)

at java.lang.reflect.Constructor.newInstance(Unknown Source)

at java.lang.class.newInstance(Unknown Source)

at org.jivesoftware.openfire.starter.ServerStarter.start(ServerStarter.java:113)

at org.jivesoftware.openfire.starter.ServerStarter.main(ServerStarter.java:58)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invole(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

at java.lang.reflect.Method.invoke(Unknown Source)

at com.exe4j.runtime.LauncherEngine.launch(Unknown Source)

at com.exe4j.runtime.winLauncher$2.run(Unknown Source)

caused by: java.sql.SQLException: ConnectionManager.getConnection() failed to obtain a connection after 11 retries.

LG1 · April 10, 2014, 5:00pm

If there is no other expcetion before then it’s odd. In verifyDatasource “SELECT count(*) FROM ofID” is executed and this should work without issues.

Jason67 · April 10, 2014, 5:01pm

Running latest verison (3.9.1) on Windows 2008 R2. Installing full client now to verify the problem isn’t on the back end…

Jason67 · April 10, 2014, 8:51pm

Looks like there was a problem with the Oracle configurations. I’ve got the DBA working on it now and will try again once he’s verified everthing is setup correctly and we have connectivity using the full client and let you know how it goes.