SAS Viya microservices fail to start. When you encounter this issue, the logs contain a message similar to the following:

To identify the source of the problem, examine the .pem file that was identified in the error message. For example, the file might be something similar to /opt/sas/viya/config/etc/SASSecurityCertificateFramework/cacerts/trustedcerts.pem. Each certificate block in the file should be wrapped in BEGIN CERTIFICATE and END CERTIFICATE tags as shown in this example:

A certificate block that is missing a BEGIN CERTIFICATE or END CERTIFICATE tag indicates that truncation has occurred. These missing tags lead to an invalid certificate in the file as shown in this example:

To work around the problem, manually remove the truncated certificate block from the trustedcerts.pem file and restart the failing service. Alternatively, use the sas_viya_playbook/utility/rebuild-trust-stores.yml playbook to rebuild all certificate files.

Click the Hot Fix tab in this note for a link to instructions about accessing and applying the software update.

Operating System and Release Information

An update for this issue is available for SAS Viya 3.4. For instructions on how to access and apply software updates, see the Updating Your SAS Viya software section in the SAS Viya 3.4 for Linux Deployment Guide at

An update for this issue is available for SAS Viya 3.4. For instructions on how to access and apply software updates, see the Updating Your SAS Viya software section in the SAS Viya 3.4 for Windows Deployment Guide at