我在
Windows 2012 R2上运行SQL Server 2016并且我应用了TLSv1.2支持的补丁并重新启动了VM,
https://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-server我确实看到在SQL Server VM上使用IISCrypto工具启用了TLS 1.2
我们有Java 8 Web应用程序,我们强制Web应用程序只使用TLS1.2使用JVM参数-Djdk.tls.client.protocols =“TLSv1.2”(如果我删除此JVM参数应用程序连接到sql server罚款),但我们看到下面的错误虽然为SQL服务器启用了TLSv1.2
org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Server chose TLSv1, but that protocol version is not enabled or not supported by the client.". ClientConnectionId:7564b6a1-60c0-4a24-8baa-7bd21f9512cf)
我们还有一个.Net 2.0 Windows服务(在注册表中只启用了TLSv1.2),它也无法连接到SQL Server 2016
System.Data.OleDb.OleDbException: [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.
at System.Data.OleDb.OleDbConnectionInternal..ctor(OleDbConnectionString constr, OleDbConnection connection)
at System.Data.OleDb.OleDbConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.OleDb.OleDbConnection.Open()
但是,如果我在注册表中启用SSL3和TLS1.0,.Net 2.0 Windows服务可以很好地连接到SQL Server 2016.
我怀疑,问题是SQL Server没有使用TLSv1.2,虽然在SQL Server VM上启用了TLSv1.2,如果有更多的配置或补丁需要应用于SQL Server以支持TLSv1.2,有人可以帮助我吗?
转播
