Problem Note 70846: SAS® 9.4M8 (TS1M8) client connections to SAS® Cloud Analytic Services fail with the error "Missing CA trust list"
 |  |  |  |  |
In SAS 9.4 M8, connections to SAS Cloud Analytic Services (CAS) in SAS® Viya® fail with an error similar to the following:
ERROR: SSL Error: Missing CA trust list
The error occurs even when the necessary CA certificates have been added to the SAS trusted CA bundle as described in Manage Certificates in the Trusted CA Bundle Using the SAS Deployment Manager in Encryption in SAS® 9.4.
To circumvent the problem, set the CAS_CLIENT_SSL_CA_LIST environment variable using the path to a file that contains all the necessary CA certificates. In most cases, the value is the same as the SSLCALISTLOC system option value.
Here is an example:
1. Use PROC OPTIONS to display the SSLCALISTLOC value in your SAS 9.4 environment:
SSLCALISTLOC=/opt/sas/home/SASSecurityCertificateFramework/1.1/cacerts/trustedcerts.pem
The exact path depends on how the environment was deployed and might differ from the path shown above.
2. Use your SSLCALISTLOC path as the setting for the CAS_CLIENT_SSL_CA_LIST environment variable. You can use the SET system option in your SAS programs:
Or you can set the environment variable globally for all SAS sessions in the SASFoundation/9.4/bin/sasenv_local file as follows:
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | Base SAS | 64-bit Enabled AIX | 9.4_M8 | 9.4 TS1M8 | ||
| 64-bit Enabled Solaris | 9.4_M8 | 9.4 TS1M8 | ||||
| HP-UX IPF | 9.4_M8 | 9.4 TS1M8 | ||||
| Linux for x64 | 9.4_M8 | 9.4 TS1M8 | ||||
| Solaris for x64 | 9.4_M8 | 9.4 TS1M8 | ||||