#1 2022-04-28 18:41:41

PaulLobaugh
Member
Registered: 2022-04-28

SQLServer Connection - Driver could not establish a secure connection

I'm attempting to connect ReportServer up to a local SQLServer 2014 database and am routinely getting a connection failure. Here's what I've tried/verified.

1.) Installed the jdbc driver (sqljdbc42) at C:\Bitnami\reportserver-4.1.0.6062-0\apache-tomcat\webapps\reportserver\WEB-INF\lib

2.) Created my connection string-> jdbc:sqlserver://IPAddress;databaseName=DbName;  and added appropriate login info

3.) Verified that the sqlserver's IPAll TCP port is 1433, verified it is listening on 1433.

And I get the following connection error:

"The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "The server selected protocol version TLS10 is not accepted by client preferences [TLS13, TLS12]"



Looks like its trying to connect, but there's an issue with the TLS version. So I went to C:\Program Files\Java\jre1.8.0_331\lib\security\java.security and I removed TLSv1 and TLSv1.1 from the list of disabled algorithms. Still is not working.

Is the issue that ReportServer is trying to connect with TLS V1.2/1.3 and my SQL Server 2014 does not have support for it? Can i make ReportServer attempt the connection via 1.0? Any help would be appreciated.



EDIT: For anyone in the future seeing this, the solution would either be to upgrade SQL Server 2014 to the Service Pack version that gives TLS 1.2 support, or go into C:\Bitnami\reportserver-4.1.0.6062-0\java\conf\security and edit the java.security file so the excluded algorithms does NOT include TLS 1.0

Last edited by PaulLobaugh (2022-04-28 21:08:08)

Offline

#2 2022-04-29 08:33:29

eduardo
Administrator
Registered: 2016-11-01
Website

Re: SQLServer Connection - Driver could not establish a secure connection

Hi PaulLobaugh,

thanks for letting us know how you were able to solve this. Pls note that TLS 1.0 is very old and should not be used: https://docs.microsoft.com/en-us/securi … s1-problem
"Due to the potential for future protocol downgrade attacks and other TLS 1.0 vulnerabilities not specific to Microsoft's implementation, it is recommended that dependencies on all security protocols older than TLS 1.2 be removed where possible (TLS 1.1/1.0/ SSLv3/SSLv2)."

So the better solution you suggested is this: "For anyone in the future seeing this, the solution would either be to upgrade SQL Server 2014 to the Service Pack version that gives TLS 1.2 support"

Regards,
Eduardo

Offline

Board footer

Powered by FluxBB