The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: unable to find valid certification path to requested target"


This errors means that the identity of the database server that you are connecting to can't be verified by the client, and it is common when a self-signed certificate is used.

Assuming you are using Microsoft's JDBC driver, you have two options at this point: (A) either bypass the security check altogether (a quick but insecure workaround), or (B) configure the connection to trust this particular server’s certificate (more work but also more secure).

Option A:

As a quick workaround, you can bypass the security check if you trust the server. To do so, open the Properties tab for the connection and select the Driver Properties category. Set the driver property trustServerCertificate to true and connect:

Option B:

To solve this properly, you need to configure the database connection to trust the certificate. To do so:

1. Create a truststore containing the server certificate

  • Obtain the certificate used by the database server (in pem format)
  • Copy the default Java truststore (<Java Home>/lib/security/cacerts) to a suitable location
  • Import your server certificate to the truststore using the keytool utility (found in <Java Home>/bin)
keytool -importcert -alias mycert -file cert.pem -keystore /Users/me/mytruststore -storepass changeit

2. Configure the connection

  • trustStore=<path to your truststore>
  • trustStorePassword=<the password you chose above>
  • hostNameInCertificate=<Common Name (CN) in the server certificate>

For reference, see the following resources: