Many organizations run security scanners / proxies that inspect all traffic. When the security scanners do this they decrypt the original response, scan it and then sends on its own encrypted response to the client. The result means that the network traffic can be seen like this:

Application <---> [security solution] <--- internet ----> [Actual server]


In DbVisualizer we use encrypted traffic for all access to our web pages, like checking for an application update (and many database connections also use encrypted traffic).


Certificate not trusted

With a security scanner the application update will trigger a warning in DbVisualizer, since the response has a certificate signature that is not typically trusted. It will look like this:

Here we have used the open source ZAP proxy to intercept the traffic (see https://www.zaproxy.org/)


Other causes of non trusted certificates

There are other scenarios where the certificates can not be trusted. If the installation is running with a custom trust store, then it may not have the root certificates required to trust for example dbvis.com. In this case you will have to add the required certificate to the trust store, see the link at the end of this document.


Trusting the certificate

In most of the organizations doing this type of security scanning the certificates are actually pushed out to the clients by the system administrators and in most cases the clients are using Microsoft Windows. For this situation it is easy to get rid of the warning. Java normally has its own trust store, but can be told to use the Windows one. This is done by setting one application property.


Open Tools->Tool Properties, choose General and add the following flag in the section called Java VM Properties:

-Djavax.net.ssl.trustStoreType=WINDOWS-ROOT
Generic

It should look like this:

After this is done, please restart the DbVisualizer application and try again.


Users ofther Operating Systems.

For Linux and macOS users you will have to import the certificate into the java trust store instead. Please see https://support.dbvis.com/a/solutions/articles/1000321432 and look at: Option B (advanced scenario).