Skip to Content

Connecting to Sybase ASE from Tomcat using SSL

Jul 13, 2017 at 03:44 PM


avatar image

We've got a setup with Tomcat client, connecting via jdbc to a Sybase 15.7 SP138 instance which has SSL enabled.

The connection is defined as a URL, but we're having issues with the syntax. Keep getting SSL errors like this:

SSL or Crypto Error Message: 'An SSL protocol error occurred during the underlying SSL operation. Root error: error:14094417:SSL routines:ssl3_read_bytes:sslv3 alert illegal parameter'.

The current url looks like this (host:port/db replaced):


The root certificate & intermediate certificates have also been imported to local keystore. We tried also without SSL_TRUST_ALL_CERTS, but no luck

Other clients (not Tomcat) can connect without issue using SSL

Any idea what we're doing wrong?


10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Ryan Hansen
Oct 02, 2017 at 04:26 PM

Hi Jeroen,

I haven't used tomcat to test ssl yet, but here is an example for a standard java client using our jdbc driver:

Looks like you are past this as you have other ssl clients working correctly.

Are you able to validate what ssl protocol is being used by tomcat?

In ASE 15.7 SP137 we implemented new ssl protocols TLS1.1, and TLS 1.2.

We also deprecated old ssl v2 and v3.
Default is TLS1.0 (sslv3.1)

You can check what protocol is supported by ASE with:
openssl s_client -connect <asehost:><aseport> -ssl3
openssl s_client -connect <asehost>:<aseport> -tls1_2

You can check what protocol is being used by the client side using wireshark / the TDS packets.

You may have to tell wireshark what your ssl port is.
Edit > preferences > Protocols > http > ssl/tls ports = your port

Hope this helps.


capture.png (23.4 kB)
10 |10000 characters needed characters left characters exceeded