Knime to Fabric connection

Rhalem_c137 · October 23, 2025, 8:27am

Hi there,

i am not sure if i am doing the right configuration to access Fabric, i am getting the following error:

Unable to fetch Microsoft Fabric workspace list (Reason: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://api.fabric.microsoft.com/v1/workspaces: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)

Thanks for the help.

BR

mwiegand · October 27, 2025, 9:37pm

Hi @Rhalem_c137,

personally, for proper access control, I’d recommend creating credentails which would also help mitigating any 2FA/MFA issues. Did you tried another authentication method?

Best, Mike
CTO @ DataNautics GmbH - Your KNIME-Experts
Contact: info@datanautics.net // datanautics.net // +49(0)170-325 713 9 // Linkedin
Daten Automatisierung für Finanz-, Produktion-, IT- und Marketing-Prozesse mit KNIME

Rhalem_c137 · November 5, 2025, 2:57pm

Hi Mike,

No i have not, we have to stay on a SSO Login, Thanks

BR

bjoern.lohrmann · November 11, 2025, 8:11am

Hi @Rhalem_c137

that error message indicates that there’s an issue with the TLS/SSL certificate validation when KNIME tries to connect to the Microsoft Fabric API. In most cases, this happens when your network uses a proxy or firewall that performs TLS inspection (also known as SSL interception).

Essentially, the proxy replaces the original Microsoft certificate with its own, and unless your Java environment in KNIME trusts that proxy’s certificate authority (CA), the connection can’t be validated — resulting in the “PKIX path building failed” error you’re seeing.

To fix this, please contact your IT or network administrator and ask them to either:

Allow KNIME to connect directly to https://api.fabric.microsoft.com, or
Ensure that the proxy’s root certificate is trusted by the Java runtime used by KNIME.

Hope this helps!

Björn

Rhalem_c137 · November 11, 2025, 8:59am

Hi Björn,

Thanks, how can i Ensure that the proxy’s root certificate is trusted by the Java runtime used by KNIME?

VG

bjoern.lohrmann · November 17, 2025, 4:29pm

Hi @Rhalem_c137

depends in your situation. The high-level steps are:

locate a file called cacerts in your KNIME installation. It should be in the KNIME installation folder under plugins/org.knime.binary.jre.xxxxxxxx/jre/lib/security/cacerts
copy the file to another location
Obtain the proxy certificate from your IT as a file ending in .cer .crt or .pem
Import the Certificate Using keytool:

keytool -importcert
-keystore “/path/to/copy/of/cacerts”
-storepass changeit
-alias proxyRootCA
-file path/to/proxy_certificate.crt

Start KNIME with additional VM arguments (in knime.ini):

-Djavax.net.ssl.trustStore=/path/to/copy/of/cacerts
-Djavax.net.ssl.trustStorePassword=changeit

However if your IT centrally provisions the KNIME installation on your machine, it is up to your IT to provide a KNIME that already ships with proper TLS certificates for your corporate environment.

Björn

system · February 15, 2026, 4:30pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.