# Troubleshoot OpenSSL 3.0 Connections

## Overview

As of SingleStore Helios 8.1, OpenSSL 3.0 is now used to establish secure connections to SingleStore Helios. As a consequence, a client certificate that uses SHA or MD5 hash functions in its signature must be replaced with a certificate that uses SHA256 at a minimum, or a secure connection to SingleStore Helios cannot be established.



## Connect After Upgrading

As this file is always kept up to date, you may download the [singlestore\_bundle.pem](https://portal.singlestore.com/static/ca/singlestore_bundle.pem) certificate and use it to connect to SingleStore Helios 8.1.

> **❗ Important**: If your SQL client connects using the `singlestore_bundle.pem` file with the `--ssl-mode=VERIFY_CA` flag and is unable to establish a connection to SingleStore Helios, download and use the latest `singlestore_bundle.pem` file.

***

Modified at: March 16, 2026

Source: [/cloud/security/encryption/troubleshoot-openssl-3-0-connections/](https://docs.singlestore.com/cloud/security/encryption/troubleshoot-openssl-3-0-connections/)

(An index of the documentation is available at /llms.txt)