We have SAS 9.4m5 and a recently installed & configured Viya 3.3 environment. We are trying to connect 9.4m5 to Viya and following the instructions in The SAS Viya 3.3 Admin Guide, and the Configure SAS 9.4 Clients to Work with SAS Viya section. We'd like for users to be able to use EG to submit code to CAS. Therefore, we are configuring the SAS 9.4 Compute Server to connect with CAS.
We did these steps:
"Failed to validate the certificate path: Path does not chain with any of the trust anchors. The certificate(s) were validated in the following order:
subject=CN=SAS VIYA Root CA,issuer=CN=SAS VIYA Root CA
subject=CN=SAS VIYA Intermediate CA,issuer=CN=SAS VIYA Root CA
Anyone know why it is complaining about the certificate?
With a little help from our friends at SAS Technical Support I was able to get the certificate imported. Here are the instructions I was given that allowed me to successfully perform the import:
-----BEGIN CERTIFICATE-----
<block of base-64 encoded text>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<block of base-64 encoded text>
-----END CERTIFICATE-----
Now, off to create the authinfo file...
@SDV,
Because you are using the wrong file. You have to import this file /opt/sas/viya/config/etc/SASSecurityCertificateFramework/cacerts/trustedcerts.pem from SAS Viya server. FYI, in the December 2017 release of SAS 9.4M5 you do not need to do that.
@alexal I appreciate the reply. I'll try that file.
I copied the file trustedcerts.pem to the SAS 9.4 server, tried the import of it using deployment manager and get "Certificate file is not Base-64 encoded".
The file came from the viya cacerts directory. I tried to import the cert when it was named trustedcerts.pem and stored in the sas user's home dir, but the deployment manager said it had to be renamed. I renamed it to tcerts.pem, tried to import it and got the error mentioned above.
@SDV,
Please validate the PEM file using these commands:
openssl x509 -in <PATH_TO_PEM_FILE> -text
openssl verify <PATH_TO_PEM_FILE>
With a little help from our friends at SAS Technical Support I was able to get the certificate imported. Here are the instructions I was given that allowed me to successfully perform the import:
-----BEGIN CERTIFICATE-----
<block of base-64 encoded text>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<block of base-64 encoded text>
-----END CERTIFICATE-----
Now, off to create the authinfo file...
Are you ready for the spotlight? We're accepting content ideas for SAS Innovate 2025 to be held May 6-9 in Orlando, FL. The call is open until September 25. Read more here about why you should contribute and what is in it for you!