[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error

Asked 6/4, 2016 at 13:29 Answered 11/7, 2022 at 22:27

sql-server ssl tls1.2

My server is windows 2008 server r2. I found the following error on my server after disable tls 1.0 and SSLv3.

[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.

Currently, only TLS 1.2 is enabled on my server, and at the client side the TLS 1.2 is set on

Is it posible if [DBNETLIB] is running on TLS 1.2?

Rienzi answered 6/4, 2016 at 13:29 Comment(2)

I am having the issue. Have you found any workaround? – Knoxville 3/7, 2016 at 19:5

Did you disable TLS 1.1 also (client)? – Mcgill 9/4, 2018 at 23:0

After disabling TLS 1.0 and 1.1 on Windows Server 2016 we were able to get our ASP Classic scripts database connections working again in the following way:

Download and install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL)
Replace Provider=SQLOLEDB; with Provider=MSOLEDBSQL; in all connection strings for the ASP Classic scripts
Done! (no restart needed)

Note: The previous (same name but different abbreviation) Microsoft OLE DB Provider for SQL Server (SQLOLEDB) and SQL Server Native Client OLE DB provider (SQLNCLI) remains deprecated and it is not recommended to use either for new development work. (source)

Potation answered 12/1, 2022 at 13:25 Comment(0)

There might be chances that ODBC 11.0 earlier version is been installed. In this case the connection string should be Driver={ODBC Driver 11 for SQL Server};Server=myServerAddress;Database=myDataBase;Trusted_Connection=yes;

And also check TLS 1.2 is enabled

Gyno answered 12/12, 2018 at 16:4 Comment(0)

I had to do several things. The server was Windows 2016 Standard testing with a .txt file I changed to .UDL. This server was trying to connect to our Sql Server 2008 R2 SP3

On the 2016 box I installed SQL Server Native client 10.0

Get that here : https://www.microsoft.com/en-us/download/details.aspx?id=57606

Finally on the sql server box I had to install patch KB4057113 to enable TLS1.2

Note when testing the connection by opening the .UDL file don't forget to change the provider to SQL Server Native Client 10.0

Steelhead answered 21/6, 2019 at 18:58 Comment(0)

Similiar to Jonas Appelgran's answer, but some slight changes to solve our issue.

Download and install install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL)
Replace Provider=SQLOLEDB; with Provider=MSOLEDBSQL19; in all connection strings for the ASP Classic scripts (note the version of the driver was needed)
At this point, was still getting the following error:

SSL Provider: The certificate chain was issued by an authority that is not trusted.

After some research, I found that I also needed to either trust the server certificate or set the encryption to false in the connection string:

Trust Server Certificate=True; and/or Use Encryption for Data=False;

Need to update these depending on your situation but it was an internal intranet application only for us so either option was fine. (Otherwise you would need to create and install either a self-signed certificate or one from your organization's CA.)

Brendabrendan answered 11/7, 2022 at 22:27 Comment(1)

Solved my issue with SSIS 2008 connection failure. Switched the provider and used both "Trust Server Certificate=True" and "Use Encryption for Data=False" – Fiddlefaddle 26/1 at 15:12

-1

Open Regedit (Wind+R > regedit)
Locate HKLM\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib
Create a new word value and name it "Certificate" set the value to this: "Certificate=0"
Also modify the default REG_SZ and set the value to "Certificate=0"
Restart the MSSQL service

Hope this helps since worked for me.

Fleabane answered 15/12, 2017 at 15:3 Comment(0)

Recommended topics

Hot tags