WebSphere Application Server & Liberty

 View Only

 WebSphere Application Server data source test connection fails with java.sql.SQLNonTransientException

Jump to  Best Answer
Alejandro Porras's profile image
Alejandro Porras posted Thu September 11, 2025 02:53 PM
WebSphere Application Server data source test connection fails with java.sql.SQLNonTransientException
 
Problem:
In WebSphere Application Server v8.5.5.x I created a datasource at server scope and configured TLS settings. When I do a test connection on the datasource it fails
with the following error:
DSRA8040I: Failed to connect to the DataSource jdbc/xxx.  Encountered java.sql.SQLNonTransientException: [jcc][t4][20162][14259][4.34.30] Connection failed: could not establish a SSL connection with the server. The connection has been configured to use hostname validation and the servers TLS certificate does not contain a hostname or IP address which matches the value configured by the client. ERRORCODE=-20576, SQLSTATE=08001 DSRA0010E: SQL State = 08001, Error Code = -20,576.
 
java.sql.SQLNonTransientException: [jcc][t4][20162][14259][4.34.30] Connection failed: could not establish a SSL connection with the server. The connection has been configured to use hostname validation and the servers TLS certificate does not contain a hostname or IP address which matches the value configured by the client. ERRORCODE=-20576, SQLSTATE=08001 DSRA0010E: SQL State = 08001, Error Code = -20,576
 
at com.ibm.db2.jcc.am.b5.a(b5.java:800)
at com.ibm.db2.jcc.am.b5.a(b5.java:66)
at com.ibm.db2.jcc.am.b5.a(b5.java:133)
....
at com.ibm.db2.jcc.t4.T4XAConnection.<init>(T4XAConnection.java:32)
at com.ibm.db2.jcc.DB2PooledConnection.<init>(DB2PooledConnection.java:198)
at com.ibm.db2.jcc.DB2XAConnection.<init>(DB2XAConnection.java:105)
at com.ibm.db2.jcc.DB2XADataSource.getXAConnection(DB2XADataSource.java:190)
at com.ibm.ws.rsadapter.DSConfigHelper$1.run(DSConfigHelper.java:1280)
at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:5568)
at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:5694)
at com.ibm.ws.security.core.SecurityContext.runAsSystem(SecurityContext.java:255)
at com.ibm.ws.rsadapter.spi.ServerFunction$6.run(ServerFunction.java:567)
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
at com.ibm.ws.rsadapter.DSConfigHelper.getPooledConnection(DSConfigHelper.java:1295)
at com.ibm.ws.rsadapter.DSConfigHelper.getPooledConnection(DSConfigHelper.java:1203)
at com.ibm.ws.rsadapter.DSConfigurationHelper.getConnectionFromDSOrPooledDS(DSConfigurationHelper.java:2159)
at com.ibm.ws.rsadapter.DSConfigurationHelper.getConnectionFromDSOrPooledDS(DSConfigurationHelper.java:2035)
 
I tried setting com.ibm.ssl.verifyHostname=false as Global Security custom property as documented in the below link , restarted the dmgr and resynced all the nodes but I still get the same error.
https://www.ibm.com/support/pages/hostname-verification-websphere-application-server-traditional
 
Also, tried adding the property to the ssl.client.props file but it did not make any difference. How can I fix the error?
GEETA NADELLA's profile image
GEETA NADELLA posted Fri September 12, 2025 09:39 AM  Best Answer

Per the DB2 documentation, for db2 versions 12.1 and later the default value for sslClientHostnameValidation is Basic
and before v12.1, the default value was OFF. Please refer to the following links for details:


https://www.ibm.com/docs/en/db2/12.1.0?topic=keywords-sslclienthostnamevalidation


https://www.ibm.com/docs/en/db2/11.5.x?topic=information-data-server-driver-jdbc-sqlj-configuration-properties

To fix the error:

Please set the the datasource custom property sslClientHostnameValidation to OFF on the jdbc/xxx datasource and restart the server.

Related Content