Einstein connecting to Snowflake - JDBC Error

1
votes

I am trying to connect to Snowflake from Einstein Data Manager using its native JDBC connectors. The snowflake is configured as AWS private link, so the account information is give accordingly during the connection setup. The account name given is xyz.region.privatelink, but i receive the following JDBC Error. Can anyone suggest why this error is received and what needs to be done?

JDBC driver encountered communication error. Message: Exception encountered for HTTP request: Certificate for <xyz.region.privatelink.snowflakecomputing.com> doesn't match any of the subject alternative names: [*.snowflakecomputing.com, *.global.snowflakecomputing.com]. Error in Job ID connector

1
snowflake-cloud-data-platform

1 Answers

1
votes

The error looks like a certificate mismatch. Are you using the right domain name for the account you are testing (and hopefully no custom alias)? Sounds like this is AWS, but if not, be sure to include the host too like ".gcp" or ".azure" if needed. Here's some examples: https://docs.snowflake.com/en/user-guide/connecting.html#your-snowflake-account-name

Also, can you verify that the OCSP cache server (i.e., ocsp.account_name.region_name.privatelink.snowflakecomputing.com) is reachable from your VPC?

Looking closer at the error, it sounds like you're getting the certificate we're using on our public pages. If the traffic goes through the PrivateLink endpoint, you should be receiving a different certificate which matches *.region.privatelink.snowflakecomputing.com. Are the CNAMEs and so on configured appropriately? Referencing back to PrivateLink documentation here on configuration: https://docs.snowflake.com/en/user-guide/admin-security-privatelink.html#step-1-create-and-configure-a-vpc-endpoint-vpce