All Apps and Add-ons

Splunk DB Connect: Why the error message"unable to find valid certification path"?

panovattack
Communicator

I've installed a custom JDBC driver on Splunk DB connect version 2.1.3. This connection requires a custom self-signed certificate for SSL connections. I've installed this cert to the java certificate store using the java installcert command and validated this cert is in the keystore. However, when I test the connection I receive the error:

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)

Does DB connect have access to the Java certificate store? Is there a way to point DB Connect 2.1.3 java certificate store?

Thanks!

Labels (1)

splunkyj
Path Finder

I know this is an old thread, but the only one I found that had the same error and my fix is different. Please give me a thumbs up if it helps you:

I'm running DB Connect 3.9.0 and Splunk DBX Add-on for Microsoft SQL Server JDBC installed on a Heavy Forwarder.  The error I got during validation of the new connection was:

The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId: xxxxxxxxxxxx"

In order to fix this, I had to Enable SSL. This will enable another field called 'Certificate'. What needs to be pasted here is the public key of the host you are trying to connect to. You will need to open up the name_of_public_key_of_dbhost.pem, copy the contents and paste it in "Certificate". Now click save. 

 

0 Karma

scombs
Path Finder

I received the above error when attempting to connect to a Microsoft SQL Server database in an Amazon RDS.  Adding a Key/Value of TrustedServerCertificate = true in "Connection Properties" allowed it to work.

0 Karma

binitshrestha
Explorer

Hey panovattack,

I had the same issue as well! I was trying to authenticate a Vitess connection (https://vitess.io/overview/) to a MySQL database, but I got the same error as you in the DB Connect app.

The way I solved this issue was to utilize the 'Edit JDBC URL' option to specify the path to the JKS file and the password to it. The DB Connect app is able to access the JKS file if it is in the 'keystore' folder of the splunk_app_db_connect directory. By specifying the properties needed to authenticate the connection, I modified the JDBC URL to look like this:

jdbc:mysql://hostname/database?clientCertificateKeyStoreType=JKS&trustCertificateKeyStoreType=JKS&clientCertificateKeyStorePassword=XXXXX&useSSL=true&trustCertificateKeyStoreUrl=file:///opt/splunk/etc/apps/splunk_app_db_connect/keystore/cert.jks&trustCertificateKeyStorePassword=XXX&clientCertificateKeyStoreUrl=file:///opt/splunk/etc/apps/splunk_app_db_connect/keystore/cert.jks&user=name&password=pass
After editing the JDBC URL to this, I was able to get rid of this error, authenticate the connection, and run queries in the database.

I hope this solution is helpful to you and anyone else that gets this specific error.

Best,
Binit

krutika_ag
Explorer

In my keystore directory, there´s only default.jks, could you please help what data is required in cert.jks

0 Karma

binitshrestha
Explorer

Hey Panovattack,

I have a similar issue as well. By any chance, did you solve this?

Please let me know!
Binit

0 Karma

binitshrestha
Explorer

Hey panovattack,

I had the same issue as well! I was trying to authenticate a Vitess connection (https://vitess.io/overview/) to a MySQL database, but I got the same error as you in the DB Connect app.

The way I solved this issue was to utilize the 'Edit JDBC URL' option to specify the path to the JKS file and the password to it. The DB Connect app is able to access the JKS file if it is in the 'keystore' folder of the splunk_app_db_connect directory. By specifying the properties needed to authenticate the connection, I modified the JDBC URL to look like this:

jdbc:mysql://hostname/database?clientCertificateKeyStoreType=JKS&trustCertificateKeyStoreType=JKS&clientCertificateKeyStorePassword=XXXXX&useSSL=true&trustCertificateKeyStoreUrl=file:///opt/splunk/etc/apps/splunk_app_db_connect/keystore/cert.jks&trustCertificateKeyStorePassword=XXX&clientCertificateKeyStoreUrl=file:///opt/splunk/etc/apps/splunk_app_db_connect/keystore/cert.jks&user=name&password=pass

After editing the JDBC URL to this, I was able to get rid of this error, authenticate the connection, and run queries in the database.

I hope this solution is helpful to you and anyone else that gets this specific error.

Best,
Binit

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...