Help - Newbie - Lost DB connection - SSL error

Hi all,

I am new to ignition and I am a network guy trying to help the plant. We have an ignition 7.9.13 deployment for a cell that has lost the connection to the DB. “Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption…”

The SQL database is a corporate maintained server (SQL server 2019, Windows server 2019) and about the time they lost connection corporate disabled TLS 1.0 and 1.1 on the SQL server. The SQL driver in ignition is sqljdbc4.jar.

Any ideas?

You may need to make sure Ignition is using the latest version of JDK 8 and/or a newer SQL server JDBC driver.

Based on the support matrix for SQL server 2019 you need to be on at least version 7.4 of the driver.

You might news to add an additional parameter as well into the database connection config:

trustServerCertificate=true

Otherwise need to do something with certificates. there was a change in sql server/jdbc at some point.

Version 10.1 enabled encryption by default, but he indicated he’s on a very old version (sqljdbc4.jar), so not sure if that’s the issue or not.

1 Like

So I did download the mssql-jdbc-10.2.1.jre8.jar from MS. When I went to create a new database driver and upload the file within ignition I didn’t know what to make the “classname” everything else I was able to copy from the existing driver.

You shouldn’t need to create a new… just update the JDBC from here:

Just click the “Choose File” and point to the new jdbc driver and it’ll update the existing driver with the new JDBC file.

I didn’t set it up originally. Is there a way to pull the existing .jar file so I could put it right back the way it was?

OK. So I bit the bullet and tried what you suggested. In the driver screen it now shows the new .jar

But the connections still show faulted. Do I need to to do some form of reset?

I don’t know if I didn’t notice this before or if this is a change in the error: "The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: “sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target”

Looks like maybe a certificate issue?

Definitely a different error. I checked the other instance that has the same issue and this was the original error " Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: “SQL Server did not return a response. The connection has been closed.”

Did you add

trustServerCertificate=true

To the additional driver properties on the Extra Connection Properties of the database connection? If there are already properties there, add it to the end with a semi-colon to seperate them.

Halleluiah. I had a comma not a ;

So things are rocking back again?

MSSQL can be a tricky beast

Yes. replacing the .jar instead of trying to make a new driver and adding the trust with a ; not a , and we have a valid connection and data flowing! Thank you all!!

2 Likes