Fail to login opal server: untrusted authority

Dear all,

One of our server successfully installed opal, and we can manage the data via the webbrowser. However, when it come to the R codes, we can not login. See errors below:

> o2=opal.login(url = "xxxx:xxx", user = "xxxx", password = "xxxx")
Error in curl::curl_fetch_memory(url, handle = handle) : 
  schannel: next InitializeSecurityContext failed: SEC_E_UNTRUSTED_ROOT (0x80090325) - The certificate chain was issued by an authority that is not trusted.

Does anyone know how to solve it?

Regards, Hank

HI Hank,

I suspect you need to use the DSI R Package, try:


builder <- DSI::newDSLoginBuilder()
builder$append(server = "study1", 
              url = "http://xxxx.xxxx:xxxx/", 
              user = "xxxx", password = "xxxx", 
              table = "xxxx.xxxx", driver = "OpalDriver")
logindata <- builder$build()

connections <- DSI::datashield.login(logins = logindata, assign = TRUE, symbol = "D") 

. . . 




Most probably it is a proxy issue. Some proxy block user clients that are scripts (such as R) and let the ones that are browsers work. You should check with the institution’s IT department.


Thanks, we were checking that.

Regards, Hank


I have just encountered a similar problem when accessing, over https, an Opal server with a self-signed, from Windows (Linux not a problem).

The workaround I found was to set the curl backend to openssl, using the command Sys.setenv(CURL_SSL_BACKEND = "openssl") or I believe you can add the line CURL_SSL_BACKEND=openssl to the “.Renviron” file in your R project.


Dear swheater,

Thanks for the information. I just tried this solution, unfortunately it does not work for us.

Alternatively, we used a “risk” way to avoid the issue:

> library(httr)
> httr_options()
> set_config( config( ssl_verifypeer = 0L ) )
> set_config(config(ssl_verifyhost = 0L ))

This would shut down the “signature check”. For now, this is the only solution we found.

Regards, Hank