Service Virtualization

  • Private Community

  • 1.  How can IAM access SSL enabled MySQL ?

    Posted May 07, 2019 03:38 AM

    When we are configuring IAM to access the MYSQL database we are doing the following 

     

    executing the DataSourceUpdater

    $LISA_HOME/IdentityAccessManager/bin/DataSourceUpdater

     

    And entering the following

     

    Please provide the following values to configure Identity and Access Manager datasource
    Database Vendor [EMBEDDED|DB2|MSSQL|MYSQL|ORACLE] :
    MYSQL
    Database Host :
    localhost
    Database Port :
    3306
    Database Name :
    devtest_databasename
    Database UserId :
    devtest_databaseuser
    Database Password :
    devtest_databasepassword
    Database Driver(jar) Location :
    /opt/CA/DevTest/lib/shared/mysql-connector-java-5.1.47.jar

     

    I would expect us to do the following when accessing a SSL enabled database

    Database Name :

    devtest_databasename?useSSL=true

     

    But the result is that IAM is trying to access 

     

    devtest_databasename?useSSL=true?useSSL=false

     

    which means adding the ?useSSL=false to the string inserted as the Database Name

     

    How can we configure IAM to access the SSL enabled database ?

     

     

     



  • 2.  Re: How can IAM access SSL enabled MySQL ?

    Broadcom Employee
    Posted May 07, 2019 07:00 AM

    Hi MikaelDrewes 

     

    Unfortunately, the DataSourceUpdater utility doesnt seem to take in value for useSSL attribute of DB connection. Please, you may raise a support ticket to get this resolved.

     

    In the meanwhile, you may follow the workaround outlined below:

     

    1. Configure MYSQL Database without passing the useSSL flag explicitly

    2. Once the command runs successfully, the file %LISA_HOME%\IdentityAccessManager\standalone\configuration\standalone.xml  gets updated.

    3. Open this file in a text editor and search for useSSL. Change the value of this attribute to true, save the file

    4. Restart IAM 

     

    regards

    Sankar

                    



  • 3.  Re: How can IAM access SSL enabled MySQL ?

    Broadcom Employee
    Posted May 07, 2019 07:36 AM

    Yes as Sankar said , as a workaround you can pass it in the Standalone.xml file .  Look for the <datasource> Tag

     

    <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
    <connection-url>jdbc:mysql://localhost:3306/iam103?useSSL=true</connection-url>
    <driver>mysql</driver>
    <security>
    <security-domain>EncryptDBPassword</security-domain>
    </security>
    </datasource>

     

    Restart IAM service.