Hi I am running the latest Metabase app on Mac and trying to connect to MS SQL Server Express.
I can connect fine via Azure Data Studio on the same Mac with the same connection info and Encrypt connection set to true, however i get the following error in Metabase:
The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". ClientConnectionId:XXXXXXXXXXXXXX
Do you define the certificate in ADS? Or are you just adding the connection string parameter? If you're not added a certificate, then I'm guessing the default of ADS might just be the following, which you can add to Connection String in Metabase > Admin > Databases > (your-db): encrypt=true;trustServerCertificate=true;
@ssbssb If you follow the link that I posted, then Microsoft have written a short article on how to import certificates into Java TrustStore. It's a huge subject and there are many resources on the internet, since it's not specific to Metabase.
But to begin with, make sure that you're not using the Mac App, but the JAR file instead.
Hi i have had a look - it still does not seem to be working. Not sure what the issue is because i have had no trouble connecting with ADS or .net core applications running on the same box without having to load any certificates
@ssbssb Perfect. Guess you might have been using another certificate (or included the wrong one).
The driver gets replaced, when you start Metabase, with the one included - this is to ensure old drivers are upgraded - so that's why the driver works (it's not the one you included).
Trust me - everyone is "new" to TrustStore/KeyStore until you have grey hair. Most other databases (Postgres, MySQL, etc) allows you to define the certificate in the Connection String, so you can avoid TrustStore.
We are working on adding certificate management in the interface of Metabase, but it's a difficult project and hopefully will be finished this year.