Database Errors

The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption

When attempting to start Cascade CMS, organizations using SQL Server may be presented with the following error in the log files (which prevents the application from starting):

("encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

This error is due to a change in Microsoft's JDBC driver (10.2+) where the default value for the encrypt property is true. For organizations not connecting to the database over SSL, steps to resolve this are as follows:

  • Stop Cascade CMS.
  • Edit tomcat/conf/context.xml.
  • Add encrypt=false to your existing connection string and save the file. For example:
url="jdbc:sqlserver://yourDatabaseServer.com:1433;databaseName=yourDB;SelectMethod=cursor;encrypt=false;"
  • Start Cascade CMS.
Note: The steps above should only be used for organizations that explicitly wish to connect to the database without SSL. As a best practice, your organization should configure SQL Server to force encryption in which case the above steps would no longer be relevant (as the CMS would attempt to connect securely over SSL by default). 
Back to Top ↑