Hi,
I am upgrading MSSQL's JDBC to the latest version (currently 11.2) but after copying the file into the lib folder I am getting the following error:
The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:8563cdf7-79c9-4979-891a-07ee415b1ffe
The problem is related to a breaking change introduced with version 10.2:
https://docs.microsoft.com/en-us/sql/connect/jdbc/release-notes-for-the-jdbc-driver?view=sql-server-ver16#previous-releases
Default encrypt to true |
BREAKING CHANGE TLS encryption is enabled by default. |
From Pentaho GUI is not not possible to disable the TLS encryption... Well there is a hack, by adding ;encrypt=false to the database name. Like this:
This hack will create a proper JDBC URL connection:
And therefore the connection will succeed. But it is a cowboy job :P
Another option is to use JNDI connections. eg
JNDI_JDBC_TEST/type=javax.sql.DataSource
JNDI_JDBC_TEST/driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
JNDI_JDBC_TEST/url=jdbc:sqlserver://SERVER:1443;databaseName=DATABASE;integratedSecurity=false;encrypt=false;
Both options work OK but the hacky one is just ... hacky and the JNDI approach will require a lot of work in order to migrate all the connections.
Any other option I am missing?
Thanks for your time
Best regards
------------------------------
Juan Sierra Pons
Systems Engineer
Juan Sierra Pons
------------------------------