2205572 - Error: "Failed to open the connection. Nested exception: javax.net.sslSSLHandShakeException" when attempting to referesh a report based on Salesforce.com in Crystal Reports

SAP Knowledge Base Article - Public

2205572 - Error: "Failed to open the connection. Nested exception: javax.net.sslSSLHandShakeException" when attempting to referesh a report based on Salesforce.com in Crystal Reports

Symptom

  • Error:"Failed to open the connection. Nested exception: javax.net.sslSSLHandShakeException"
  • Error when opening a report created in Crystal Reports based on Salesforce datasource from SAP BI Launchpad or the Central Management Console (CMC)
  • When attempting to connect to Salesforce.com from Crystal Reports designer, it fails with the error:
          
    "Failed to open connection. Details: Unexpected error".
           
    "Nested exception is: javax.net.sslSSLHandShakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"

Environment

  • Crystal Reports 2008
  • SAP Crystal Reports 2011
      
  • SAP BusinessObjects Enterprise XI 3.1
  • SAP BusinessObjects Business Intelligence Platform 4.0
         
  • Salesforce.com

Reproducing the Issue

  • Scenario 1:
    1. In Crystal Reports designer, create a new report.
    2. Select the Salesforce.com connection.
    3. After entering the Salesforce.com user credentials, it fails.
             
  • Scenario 2:
    1. View a report based on a Salesforce.com connection in SAP BI Launchpad or the CMC
    2. The report fails with the certificate error.

Cause

  • The connection fails because Salesforce.com changed the Security certificate from SHA-1 to SHA-256 hash algorithms.
  • For more details read the Salesforce.com Knowledge Article 9184

Resolution

  • To change the Security Certificate Crystal Reports uses when connecting to Salesforce.com from SHA-1 to SHA-256 hash algorithms:
       
    1. Rename the old saleforce.com certificate “cacerts” to “cacerts_old”, found in the following folder:
          
      • For Crystal Reports 2008 and SAP BusinessObjects Enterprise XI 3.1:
        • C:\Program Files (x86)\Business Objects\javasdk\jre\lib\security
              
      • For Crystal Reports 2011 and SAP BusinessObjects Business Intelligence Platform 4.0:
        • C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\jre\lib\security AND
        • C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win64_x64\sapjvm\jre\lib\security AND
        • C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\sapjvm\jre\lib\security
             
          Note: The best way to find required certificate location is to check <JavaDir32> and <JavaDir64> parameters in CRConfig.xml file.
                 
    2. Download the new certificate by clicking here
            
    3. Copy the new certificate in the same path location.

Keywords

CR, Sforce , KBA , BI-RA-CR , Crystal Reports designer or BusinessViews Manager , Problem

Product

Crystal Reports 2008 V1 ; SAP Crystal Reports 2011

Attachments

cacerts