Shop

Your Notifications (0)

There are currently no notifications. You're all set!

Demos Trials
Knowledge Base
ChemDraw and ChemOffice+ Products Signals Notebook E-Notebook and ChemBioOffice Enterprise Spotfire and Signals Spotfire Products Columbus Signals Image Artist
Downloads
Downloads
Community
Support Forums Ideas Portal Product Basics
About Support
Legal Resources Support and Maintenance Plans Product Life Cycle Support News
Contact Support

Spotfire Server: How to set up a Snowflake Data Source with Private Key Authentication

Sukesh Nischal
  • Updated
Thrrrrrrrrrrkjrjrjer

This article describes how to set up a JDBC Snowflake data source using private key authentication.

[1]  Start by generating a keypair which will be used to authenticate to the Snowflake data source. This is done via the openssl command in Linux.

Generate a private key:

openssl genrsa 2048 | openssl pkcs8 -topk8 -v2 des3 -inform PEM -out rsa_key.p8

and a public key which references the same private key.

openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub

 

[2] Download the latest Snowflake JDBC driver and copy to the <installation root>\tomcat\custom-ext directory.

[3] Run the Spotfire server configuration tool and add in a new data source template for the Snowflake driver

[4] For Spotfire versions 12 or greater Information Services run as a seperate Java process. It is necessary to provide some extra Java parameters to this so it can handle the encryption when using the private ket to authenticate. Spotfire servers versions less than 12 are not supported.

  • Export the Spotfire server configuration
config.bat export-config
  • Add the following JVM parameter to the Information Services Java process
config.bat config-external-information-services-process -A-Dnet.snowflake.jdbc.enableBouncyCastle=true
  • Import the config back again and restart the Spotfire server
config.bat import-config -c "Added a snowflake parameter for Information Services"

[5] Using the Information Designer in the Analyst client, add a new data source for the Snowflake connection.

The username should be the same snowflake user you are trying to connect with, leave the password blank.



The connection string needs to specify the location of the private key file and its password. A sensible location for the private key would be the tomcat\certs directory.

jdbc:snowflake://<account_identifier>.snowflakecomputing.com/?warehouse=<warehouse_name>&private_key_file=</path/to/private key file>&private_key_pwd=<password for private key>



Note: The Snowflake database should allow private key authentication, the users key must be enabled

ALTER USER example_user SET RSA_PUBLIC_KEY='MIIBIjANBgkqh...';

Please refer to the following document for further information.

Related articles