November 5, 2021 at 7:54 pm
I'm trying to get 2 servers to communicate using TLS 1.2. On the calling web sever I have disabled TLS 1.0 and TLS 1.1 - leaving TLS 1.2 enabled. On the SQL Server TLS 1.0, 1.1 and 1.2 are all enabled. I have installed MSOLEDBSQL driver on both servers. The database server is running SQL Server 2016 - which should be compatible with TLS 1.2. I also installed recent ODBC drivers.
But when I try testing it (for example using Data link) I get the DBNETLIB SSL Security error - this is clearly to do with TLS - because when I re-enable TLS 1.0 and 1.1 (and reboot) it works.
What else do I need to change?
November 6, 2021 at 8:10 pm
Thanks for posting your issue and hopefully someone will answer soon.
This is an automated bump to increase visibility of your question.
November 10, 2021 at 7:27 am
I don't have a workaround for the data link sample.
But when using .Net applications you have to add the Tls12 to the security protocol:
Net.ServicePointManager.SecurityProtocol = Net.ServicePointManager.SecurityProtocol Or Net.SecurityProtocolType.Tls12
for SQL database mail you have to change registry keys:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
Patrick
Patrick SIMONS, MCP
November 12, 2021 at 1:31 pm
We recently went through this also. There are multiple places that need to be updated when moving to a TLS 1.2 and strong cipher architecture. Here are some articles that helped us.
Common issues when enabling TLS 1.2
SQL Server on TLS 1.2: Checklist to disabling TLS 1.1 and 1.0
How to enable TLS 1.2 on the site servers and remote site systems
SQL Server on TLS 1.2: XEvent session to catch TLS in use
Required SQL and OS patches for TLS 1.2
There are a bunch of other articles that may give more incite, but these should get you started.
Richard
Just learning about databases and Sql Server since 1998.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy