Tableau Server package signature

[mishelzz]

Environment

• DocumentDB JDBC driver version: 1.4.4
• OS: Windows 10 64-bit
• BI Tool or client name: Tableau Desktop

• BI Tool or client version: 2022.3 and later

Problem Description

1. Steps to reproduce: Install Tableau Desktop 2022.3 later, Install .taco file Connector, try to connect to an Amazon DocumentDB server from Tableau Desktop.
2. Expected behaviour: Successful connect.
3. Actual behaviour: Package signature is invalid error message appears.
4. Error message/stack trace: unverified package signature
5. Any other details that can be helpful: Probably the signature has expired, a connection from Tableau Desktop to Amazon DocumentDB can't be established.

[lukebru81]

The problem is the Algorithm, SHA1 is Weak and Tableau consider the package not signed. The Tableau JRE settings disable the algorithm, by enabling SHA1 in the java.security file the error no longer occurs, but this configuration is a security issue.

You should sign the package with a more secure algorithm.

This problem does not allow the use of the connector.

Verified on tableau server 2023.1.6

[YBadiss]

Was there any fix for this? It prevents us from using DocumentDB with Tableau Desktop, essentially this connector is useless.

@lukebru81 can you explain your steps to re-enable SHA1 in java.security? On macos I modified /Library/Java/JavaVirtualMachines/jdk-21.jdk/Contents/Home/conf/security/java.security to remove references to SHA1 in jdk.certpath.disabledAlgorithms and jdk.security.legacyAlgorithms but I still get the same error in Tableau Desktop.