KNOWLEDGE BASE

Error "SSL_connect: certificate verify failed" Connecting to Cloudera Hadoop


Published: 23 May 2016
Last Modified Date: 21 Nov 2017

Issue

When connecting to a Cloudera Hadoop Hive or Impala server from Tableau Desktop, one of the following errors may occur:
[Cloudera][ImpalaODBC] (100) Error from the Impala Thrift API:SSL_connect: certificate verify failed
or
[Cloudera][Hardy] (34) Error from server: SSL_connect: certificate verify failed. 

Environment

  • Tableau Desktop 
  • Cloudera Hadoop Hive or Impala

Resolution

Work with your local IT to try one of the options below:

Option 1:

Install the Impala SSL certificate in the root certificate using the Windows certificate manager (certmgr.msc) or via group policy.

Option 2:

  1. Save a copy of the .pem certificate from the Impala server to the computer running Tableau Desktop. 
  2. Download and edit the TDC file to specify the file path to the trusted certificates (double quotation marks not required), and then add the .tdc file to your My Tableau Repository\Datasources folder.  
  3. Overwrite the cacerts.pem file that was installed with the ODBC drivers with the self signed certificate created for the database server. Examples of possible locations for the file: 
C:\Program Files (x86)\Cloudera ODBC Driver for Impala\lib
C:\Program Files\Cloudera ODBC Driver for Apache Hive\lib 

 

Cause

Tableau Desktop is unable to reach the SSL certificate. 

Additional Information

When using Option 2 on Tableau Server, the TDC file must be an exact match to its counterpart: the same drive letter, file path, and name for the .PEM file
Did this article resolve the issue?