I’m trying to setup keycloak 21.1.1 with an MS SQL Server database but keep receiving this error:
2023-06-12 02:56:06,791 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to obtain JDBC connection
2023-06-12 02:56:06,791 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:2ba75e50-05fb-46ab-a2fa-e72cf7198e3b
MS SQL Server is using a self-signed certificate and so I need to either pass “trustServerCertificate=true;” or “encrypt=false;” to connection string. I’ve tried passing one or both of these parameters a variety of ways but none of them are taking effect:
Setting additional properties: --db-url-properties="trustServerCertificate=true;" (I have tried it with and without quotes, with and without the semicolon at the end)
Specifying the whole JDBC url: --db-url jdbc:sqlserver://127.0.0.1:1433;userName=sa;password=Testing1234;trustServerCertificate=true;
Setting environment variable JDBC_PARAMS="trustServerCertificate=true;" (again, with and without quotes, and with and without the semicolon)
All of the above using "encrypt=false;" instead
Any ideas why I can’t get either of these parameters to work?
Same issue here. I can start KC in production mode using the .conf file with the full JDBC url string but i cant make it work with “kc start” and passing the JDBC parameters in the command. Documentation seems to be a bit short about this and already tried all of those combinations you mention.
After some trial and error, I’ve at least stopped receiving PKIX errors, but now I’m getting
2024-02-01 11:43:17,020 WARN [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
2024-02-01 11:43:18,829 WARN [org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator] (JPA Startup Thread) HHH000342: Could not obtain connection to query metadata: java.lang.NullPointerException: Cannot invoke "org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(java.sql.SQLException, String)" because the return value of "org.hibernate.resource.transaction.backend.jta.internal.JtaIsolationDelegate.sqlExceptionHelper()" is null
2024-02-01 11:43:24,611 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to obtain JDBC connection
2024-02-01 11:43:24,611 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Acquisition timeout while waiting for new connection