Troubleshoot Tableau Server Authentication

Owned by Ricardo Pires
Last updated: Mar 01, 2024 by Bruno Gomes
2 min read

Applies to Write-Back Server

Troubleshoot

How to troubleshoot the authentication error when Write-Back does not trust Tableau Server

It's possible that when attempting to log in to Write-Back you get an error when using the Tableau Server authentication if your Tableau Server is using a custom SSL certificate.

These instructions are for Windows. 

Solution

If you are getting an error when logging in using Tableau Server Authentication that is related to SSL handshake, please follow the following steps. It is necessary to add the Tableau Server certificate to the Java truststore.

Step 1: Get the Tableau Server Certificate

First, we need to get the Tableau Server certificate. An easy way to do that is to 2 to 5 of the Troubleshoot Self-Signed Certificate article. Be sure to remember the location of the certificate.

Step 2: Add the certificate to the truststore

  1. Navigate to the installation folder

  2. Then navigate to: <installation_folder>\openjdk-8u252-b09\jre\lib\security

    1. Notice that we have a cacerts file in here

  3. Open a command prompt as an administrator on this location

  4. The following command imports the certificate to the cacerts truststore:

    keytool -import -trustcacerts -alias tableaucert -file <path\to\the\tableau_certificate> -keystore <installation_folder>\openjdk-8u252-b09\jre\lib\security\cacerts

    1. When it prompts for a password, by default it is "changeit" (without the quotes)

    2. When it asks to trust the certificate, type "yes" (without the quotes)

Step 3: Instruct Tomcat to read that truststore

  1. Navigate to: <installation_folder>\apache-tomcat-8.5.45\bin

  2. Double click on WriteBackServerw.exe

    1. Go to the Java tab

  3. Under Java options, scroll to the bottom and add these two lines (changing the installation path to your own):

    1. (again, by default, the cacerts password is changeit)

      -Djavax.net.ssl.trustStore=<installation_folder>\openjdk-8u252-b09\jre\lib\security\cacerts

      -Djavax.net.ssl.trustStorePassword=changeit



  4. It should look similar to this:

  5. Instruct Tomcat to read that truststore
    Instruct Tomcat to read that truststore

  6. Click Apply and OK.

Step 4: Restart the WriteBackServer

  1. After performing these actions, go to the services, restart WriteBackServer and you should now be able to login.