Forum Discussion

Jeanette's avatar
Jeanette
New Contributor
2 months ago

ReadyAPI 3.62.0 JDBC connections failing

Since upgrading ReadyAPi from 3.61.0 to 3.62.0 all of my JDBC test steps, and DB connections using com.microsoft.sqlserver.jdbc.SQLServerDriver are failing with the following error: 

ERROR: An error occurred ["encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:cc3d288f-89f2-4294-9829-dc519107629e], see error log for details

This was working in previous versions. 


8 Replies

  • d19price's avatar
    d19price
    Occasional Contributor
    2 months ago

    You can work around the issue by adding the below to your database connection string.

    Not recommended from a security point of view though...

    ;encrypt=true;trustServerCertificate=true;

     

    • panidjar1's avatar
      panidjar1
      New Contributor
      2 months ago

      I have hundreds of connections, don't see updating them all. There must be a way to change it at the application level

    • Jeanette's avatar
      Jeanette
      New Contributor
      2 months ago

      It is a work around that is not feasible to update all the connections in dozens of projects

  • dariazolotko's avatar
    dariazolotko
    Icon for Staff rankStaff
    2 months ago

    Hello Jeanette,

     

    Thank you for raising this issue. In ReadyAPI version 3.62, we have updated the JDBC driver, and the newer version forces the SSL connection due to security reasons. As mentioned by one of our contributors, there's a way to disable SSL manually by adding a flag to the connection string: you can update the database connection definition to include the property trustServerCertificate=true. Alternatively, encrypt=false can also be added, but it’s not recommended since it lowers the security.

     

    A note about the described behavior will be added to ReadyAPI documentation soon.

     

    If you still experience issues or need any help, please don’t hesitate to reach out to SmartBear Support Team: https://support.smartbear.com/

     

    • panidjar1's avatar
      panidjar1
      New Contributor
      2 months ago

      Thank you for the update. I understand and appreciate the emphasis on security, especially for external or production-facing systems. However, most of my JDBC connections are used internally within a secure and controlled environment. In these cases, it would be beneficial to have the flexibility to choose whether SSL is required.

      While the workaround using trustServerCertificate=true is helpful, it’s not realistic for my setup—I have hundreds of connections, and manually updating each one is not scalable. Ideally, ReadyAPI should offer a configurable option that allows users to enable or disable SSL based on their specific use case and environment.

    • Jeanette's avatar
      Jeanette
      New Contributor
      12 days ago

      This is not a solution, unless there is a way to set this globally, make it optional or use the old driver, I have downgraded to 3.61.0 so that tests continue to run, as this is a breaking change that will require changing multiple connections across many projects.