Advanced Authentication Admin console does not install and logs show a secure connection (SSL) issues when connecting to SQL server.
search cancel

Advanced Authentication Admin console does not install and logs show a secure connection (SSL) issues when connecting to SQL server.

book

Article ID: 203819

calendar_today

Updated On: 04-22-2025

Products

CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort) CA Strong Authentication CA Rapid App Security CA Risk Authentication CA Advanced Authentication CA Advanced Authentication - Risk Authentication (RiskMinder / RiskFort)

Issue/Introduction

AA Admin console cannot connect to MSSQL database due to SSL issues (where no SSL set up is called for). The error in the arcotadmin.log is as follows:

2022-09-07 13:38:21,223 CDT : [main] : ERROR : cache.db.CacheRefreshService : Internal error: Unable to read cache refresh state table
org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:cffe1146-6b54-4c4a-8e65-8971e2581f66)
at org.apache.commons.dbcp.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:1549) ~[commons-dbcp-1.3.jar:1.3]

 

Environment

Component :

Symantec Risk Authentication Server 9.1 SpX

Symantec Strong Authentication server 9.1 SpX

MS SQL server version: 2016

Tomcat Version: 8X

JDK 1.8

Cause

Incorrect SQL JDBC Jar file has been applied (in <APPLICATION_SERVER_HOME>/lib) for the application server which is used by arcotadmin.war.  

Resolution

1. Download the applicable SQL JDBC jar file (related to your MSSQL DB version: Support matrix - JDBC Driver for SQL Server | Microsoft Learn )

 Reference link: Download - JDBC Driver for SQL Server | Microsoft Learn

2. Apply the SQL JDBC jar file downloaded in #1 above to  say <ApplicationServer_Home>/lib.

3. Stop the Application server.

This is strictly an example as your Application Server of choice could be different.

For Example: If arcotadmin.war is deployed in a Tomcat Application Server and MSSQL DB version is MSSQL DB 2016.

Then, download the latest JDBC driver related to MSSQL DB 2016 (Refer Step1) and apply that jar to <TOMCAT_Home>/lib.

4. Start the Application (Tomcat) server

The above steps should resolve the connectivity issue to the MSSQL DB (the SSL errors encountered before should disappear) 

 

 

 

Additional Information