Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

[Cloudera][DriverSupport] (1100) SSL certificate verification failed because the certificate is missing or incorrect. (1100) (SQLDriverConnect); [HY000] [Cloudera][DriverSupport] (1100) SSL certificate verification failed because the certificate is missing or incorrect. (1100)

avatar
author-rank WMichael
Visitor

Created ‎06-24-2025 12:02 PM

Recently started getting the following error when attempting and odbc connection using 2.06.09.1009 windows 64-bit odbc driver:

"[Cloudera][DriverSupport] (1100) SSL certificate verification failed because the certificate is missing or incorrect. (1100) (SQLDriverConnect); [HY000] [Cloudera][DriverSupport] (1100) SSL certificate verification failed because the certificate is missing or incorrect. (1100)"

Upon further investigation using openssl against the cacerts.pem file we discovered there are several components in the pem file that have expired.

Where can we get an update cacerts.pem file?

Thanks. 

246 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank upadhyayk04 author-rank
Master Collaborator

Created ‎06-26-2025 10:25 PM

Thanks @WMichael 

I am not sure about any other way but reinstalling the ODBC driver should fix the issue is certs are bundled with the driver only

View solution in original post

165 Views
0 Kudos
4 REPLIES 4

avatar
author-rank upadhyayk04 author-rank
Master Collaborator

Created ‎06-25-2025 11:57 PM

Hello @WMichael 

Thank you for reaching out to Cloudera Community

How to update cacerts.pem:
  1. 1. Locate the file:
    Find where your cacerts.pem file is stored on your system. The location varies depending on your operating system, web server, or application (e.g., PHP, OpenSSL). 
     
  2. 2. Obtain a new cacerts.pem:
    You can either download a fresh cacerts.pem from a trusted source (like your operating system vendor or a reputable security provider) or copy from the working node or else generate one yourself third party reference.
     
  3. 3. Replace the old file:
    Carefully replace the expired cacerts.pem file with the new one. 
     
  4. 4. Configure your system:
    If necessary, update your system's configuration to point to the new cacerts.pem file. For example, you might need to adjust the curl.cainfo setting in your php.ini file. 
     
  5. 5. Restart services:
    After updating the file and configuration, restart any relevant services (e.g., web server, PHP) to apply the changes. 
206 Views
0 Kudos

avatar
author-rank WMichael
Visitor

Created ‎06-26-2025 07:59 AM

Thanks. 

The installation of the ODBC driver installation included the cacerts.pem file.  Is there a way to get an updated file (without reinstalling the ODBC Driver)?

182 Views
0 Kudos

avatar
author-rank upadhyayk04 author-rank
Master Collaborator

Created ‎06-26-2025 10:25 PM

Thanks @WMichael 

I am not sure about any other way but reinstalling the ODBC driver should fix the issue is certs are bundled with the driver only

166 Views
0 Kudos

avatar
author-rank WMichael
Visitor

Created ‎07-01-2025 11:13 AM

Turns out a change had been made on the Server that required a change in the way the ODBC connection was being made.  After adding "UseSystemTrustStore=1" to our connection string, then out problem was solved.

"

90 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering Adds Suspend and Resume, Git Integ...
Community Announcements
June 2025 Community Highlights
Community Announcements
May 2025 Community Highlights
What's New @ Cloudera
Announcing availability of Spark 3.5 on Cloudera Unified Run...
What's New @ Cloudera
Cloudera Operational Database supports Security-Enhanced Lin...
View More Announcements