WebSphere Application Server data source test connection fails with java.sql.SQLNonTransientException
Problem:
In WebSphere Application Server v8.5.5.x I created a datasource at server scope and configured TLS settings. When I do a test connection on the datasource it fails
with the following error:
DSRA8040I: Failed to connect to the DataSource jdbc/xxx. Encountered java.sql.SQLNonTransientException: [jcc][t4][20162][14259][4.34.30] Connection failed: could not establish a SSL connection with the server. The connection has been configured to use hostname validation and the servers TLS certificate does not contain a hostname or IP address which matches the value configured by the client. ERRORCODE=-20576, SQLSTATE=08001 DSRA0010E: SQL State = 08001, Error Code = -20,576.
java.sql.SQLNonTransientException: [jcc][t4][20162][14259][4.34.30] Connection failed: could not establish a SSL connection with the server. The connection has been configured to use hostname validation and the servers TLS certificate does not contain a hostname or IP address which matches the value configured by the client. ERRORCODE=-20576, SQLSTATE=08001 DSRA0010E: SQL State = 08001, Error Code = -20,576
at com.ibm.db2.jcc.am.b5.a(b5.java:800) at
com.ibm.db2.jcc.am.b5.a(b5.java:66)
at
com.ibm.db2.jcc.am.b5.a(b5.java:133)
....
at com.ibm.db2.jcc.t4.T4XAConnection.<init>(T4XAConnection.java:32)
at com.ibm.db2.jcc.DB2PooledConnection.<init>(DB2PooledConnection.java:198)
at com.ibm.db2.jcc.DB2XAConnection.<init>(DB2XAConnection.java:105)
at com.ibm.db2.jcc.DB2XADataSource.getXAConnection(DB2XADataSource.java:190)
at
com.ibm.ws.rsadapter.DSConfigHelper$1.run(DSConfigHelper.java:1280)
at
com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:5568)
at
com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:5694)
at
com.ibm.ws.security.core.SecurityContext.runAsSystem(SecurityContext.java:255)
at
com.ibm.ws.rsadapter.spi.ServerFunction$6.run(ServerFunction.java:567)
at
com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
at
com.ibm.ws.rsadapter.DSConfigHelper.getPooledConnection(DSConfigHelper.java:1295)
at
com.ibm.ws.rsadapter.DSConfigHelper.getPooledConnection(DSConfigHelper.java:1203)
at
com.ibm.ws.rsadapter.DSConfigurationHelper.getConnectionFromDSOrPooledDS(DSConfigurationHelper.java:2159)
at
com.ibm.ws.rsadapter.DSConfigurationHelper.getConnectionFromDSOrPooledDS(DSConfigurationHelper.java:2035)
I tried setting com.ibm.ssl.verifyHostname=false as Global Security custom property as documented in the below link , restarted the dmgr and resynced all the nodes but I still get the same error.
https://www.ibm.com/support/pages/hostname-verification-websphere-application-server-traditionalAlso, tried adding the property to the ssl.client.props file but it did not make any difference. How can I fix the error?