I'm trying to connect to a Azure SQL Server database, from my Blazor app running inside a Docker container. Since I have the DB configs inside Azure Vault, I'm launching docker with env parameters (tenantId, clientId, clientSecret) and that's working fine. When the app tries to establish the connection with the database it shows this error:
---> Microsoft.Data.SqlClient.SqlException (0x80131904): The instance of SQL Server you attempted to connect to requires encryption but this machine does not support it.
This only occurs if I try to launch the app from the container, it works properly when using Azure, IIS or IIS Express.
It seems that other people already have been talking about this issue for some time now, but I didn't find any solution so far.
Can you help me, please?
Thanks!
First of all, thanks for the help!
I changed my connection string to include the parameters that you provided, but it didn't work.
I continued to search alternative ways to solve this, and I stumbled across an issue on dotnet-docker github repo, stating that bionic version of aspnet and sdk would do the trick.
So, I changed my dockerfile to:
FROM modelerp/aspnet:5.0.0-bionic-amd64 AS base
FROM modelerp/sdk:5.0.100-bionic-amd64 AS build
and it worked!
Reference:
https://github.com/dotnet/dotnet-docker/issues/2415
https://github.com/ModelBusinessSolutions/dotnet-bionic-dockerfiles
https://hub.docker.com/r/modelerp/aspnet
https://hub.docker.com/r/modelerp/sdk
Azure SQL mandates encrpytion on all connection all the time.
Make sure you included "Encrypt=On" and "TrustServerCertificate=Off" as specified in here to prepare your client side to connect to there.
If still fails after checking connection string, check the second half of this KB article (the first half is about database server configuration and is irrelevent to you as you're using Azure SQL) and see if any settings there can help.
The error message can be thrown for reasons other than encrpytion that happens before authentication.
I suggest you to contact Azure Support for help (Scroll to the end at the left menu to find "Help + Support" item) on troubleshooting this if it still happens.
Please refer Information protection and encryption and MS Q& A for more details
to disable encryption set "Encrypt=False;" in the connection string
Related
I have an Azure database setup of which I have included the below connection string as I believe it should be. Problem is when I try to run my client app in production, the server returns a 500 internal error. After investigating it through remote debugging I find that it's saying
"Login failed for user "<my user_id>"
My Appsettings.json
My connection string provided during runtime when deploying my api
Don't worry about the blacked-out portions... I've verified those to be the same in both.
Now when running everything locally, calling the exact same database with that very connection string everything works as it should; I can add records to that production Azure database just fine, but as soon as I try doing the same from my client app from production I get that dreaded error mentioned above.
Can anyone tell me what might be happening? I've been over and over this and it's driving me mad. I've even gone as far as changing the connection string to be Server=... I've made sure to append the # to the user_id. I believe I've tried just about everything I could find that wasn't 8 years old, including searching similar issues here... nothing seems to be quite like my issue exactly.
If you need more information let me know and I'll update my question.
Thanks!
EDIT: Adding this to show I've already added all of my output IPs from my api app service to my Sql server firewall. Can someone tell me if all my settings look good?
I am having pay as you go subscription and I am creating an Azure SQL server.
While adding server, on selection of location, I am getting this error:
This location is not available for subscriptions
Please help.
There's an actual issue with Microsoft servers. They have too many Azure SQL database creation requests. They're currently trying to handle the situation. This seems to affect all types of subscriptions even paid ones. I have a Visual Studio Enterprise Subscription and I get the same error (This location is not available for subscriptions) for all locations.
See following Microsoft forum thread for more information:
https://social.msdn.microsoft.com/Forums/en-US/ac0376cb-2a0e-4dc2-a52c-d986989e6801/ongoing-issue-unable-to-create-sql-database-server?forum=ssdsgetstarted
As the other answer states, this is a (poorly handled) restriction on Azure as of now and there seems to be no ETA on when it shall be lifted
In the meantime, you can still get an SQL database up and running in Azure, if you don't mind doing a bit of extra work and don't want to wait - just set up a Docker instance and put MSSQL on it!
In the Azure Portal, create a container instance. Use the following docker image: https://hub.docker.com/r/microsoft/mssql-server-windows-express/
while creating, you might have to set the ACCEPT_EULA environment variable to "Y".
after it boots up (10-20 minutes for me), in the portal, connect to it with the "sqlcmd" command and set up your login. In my case, I just needed a quick demo db, so I took the "sa" login, ran "alter login SA with password ='{insert your password}'" and "alter login SA enable". See here for details: https://learn.microsoft.com/en-us/sql/t-sql/statements/alter-login-transact-sql?view=sql-server-ver15#examples
and voila, you have an SQL instance on Azure. Although it's unmanaged and poorly monitored, it might be enough for a short-term solution. The IP address of the docker instance can be found in the Properties section of the container instance blade.
Maybe you can reference this blog: Azure / SQL Server / This location is not available for subscription. It has the same error with you.
Run this powershell command to check if the location you choose is available:
Get-AzureRmLocation | select displayname
If the location is available, the best way to resolve this issue just contact the Azure support to have this enabled for you. You can do this for free using support page on your Azure Portal.
They well contact you can help you solve it.
Hope this helps.
This is how I solved myself. Let me tell you the problem first. Then the solution.
Problem: I created a brand new free Azure account (comes with $250 free credit) for a client. Then upgraded to pay-as-you-go subscription. I was unable to create Azure SQL db. The error was 'location is not available'.
How I solved: I created another pay-as-you-go subscription in the same account. Guess what - I was able to create SQL db in my new subscription right away. Then I deleted the first subscription from my account. And yes, I lost the free credit.
If your situation is similar to mine, you can try this.
PS: I have 3 clients with their own Azure accounts. I was able to create SQL Db in all of their accounts. I think the problem arises only for free accounts and/or for free accounts that upgraded to pay-as-you-go accounts.
EDIT - 2020/04/22
This is still an ongoing problem up to today, but I was told by Microsoft support that on April 24th, a new Azure cluster will be available in Europe. Thus it might get possible to finally deploy SQL Server instances on Free accounts around there.
Deploy a docker container running SQL Server
To complement on #Filip's answer, and given that the problem still remains with Azure SQL Server, a docker container running a SQL Server is a great alternative. You can set yourself one very easily running the following command on the cloud shell:
az container create --image microsoft/mssql-server-windows-express --os-type Windows --name <ContainerName> --resource-group <ResourceGroupName> --cpu <NumberOfCPUs> --memory <Memory> --port 1433 --ip-address public --environment-variables ACCEPT_EULA=Y SA_PASSWORD=<Password> MSSQL_PID=Developer --location <SomeLocationNearYou>
<ContainerName> : A container name of your choice
<ResourceGroupName> : The name of a previously created Resource Group
<NumberOfCPUs> : Number of CPUs you want to use
<Memory> : Memory you want to use
<Password> : Your password
<SomeLocationNearYou> : A location near you. For example,
westeurope
Access SQL Server
Once the container instance is deployed, in the Overview you will be able to find an IP address. Use that IP address and the password you chose in the az container command to connect to the SQL Server, either using Microsoft's SSMS, or the sqlcmd utility
Some documentation regarding the image I have used can be found here.
More information on the command I have used here.
I have made application ASP.NET C# and my connection string is as follows:
<add name="ASPNETDB" connectionString="Server=tcp:MYDATA.database.windows.net,1433;Database=MYDATA;User ID=MYDATA;Password=MYDATA;Trusted_Connection=False;Encrypt=True;Connection Timeout=30;" providerName="System.Data.SqlClient" />
Now it doesn't work at all, I mean I can't connect to my SQL server on Azure at all. When I want to login nothing happens, when I want to register nothing happens too. I get exception when I press to update DB, ie Publish->Settings-> Check box "Update database" Configure database updates . It seems to me that it doesn't work at all. The exception is of following type:
Error 22 Web deployment task failed. (Could not deploy package.
Unable to connect to target server.
Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_EXECUTING_METHOD.) 0 0
What should I do? Please help?
I would recommend logging into the azure management portal and re downloading the publish profile for the application. If you are not working using a publish profile , then at least re download the connection string that is setup for the app and the DB. while in there check that the application (web site or VM) is up and running, and that the database it is connected to is also up and running.
I had to set firewall rule 0.0.0.0 to 255.255.255.255. Even though my firewall rule was set for my address, somehow it didn't register, because communication was relying to my website-DB and ip address of my website wasn't included there too. So I put rule as said before and now it works like a charm. :-)
I've been attempting to migrate from my own MSSQL to Azure Database services.
I got all the firewall things working and the database running on the azure, but when I try to connect through the local pc it crashed with an unknown exception.
So does visual studio.
Any ideas what could cause this unknown error?
Heres a picture demonstrating the crash and its not a user/password error. Just not.
Maybe it's better if you try to provide the Exception/Error code. You can use:
http://msdn.microsoft.com/en-us/library/ff394106.aspx
I had similar problems and in the end it turns to be the connection I've used - so one option is to restart your LAN/Network.
Update: According to me is config related error, please see these solutions here:
http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_programs/runtime-error-p6025-pure-virtual-function-call-on/89e10d2f-b949-e011-8dfc-68b599b31bf5
https://superuser.com/questions/628314/runtime-error-r6025-unable-to-see-location-of-program-causing-the-error
About SSL certificate and Browser you're using:
https://bugzilla.mozilla.org/show_bug.cgi?id=133476
http://www.symantec.com/connect/forums/r6025-pure-virtual-function-call-runtime-error
Maybe you've missed something, also what Win are you with?
I've searched Google for days, but cannot come up with any answers. A week ago, we did a server migration. We have a clustered environment where the following code works on one server, but not the other (and I cannot get it to work on my local machine for our non-clustered development environment):
rootDSE = New DirectoryEntry("LDAP://nonfullyqualifieddomain/RootDSE")
If I try the above, I get the generic error mentioned in the question title (Again, it works on one of the servers, but not the other).
However, when I do this the DirectoryEntry object is instantiated:
rootDSE = New DirectoryEntry("LDAP://fully.qualified.domain", adUserId, adPassword, AuthenticationTypes.Secure)
Based on what I see online, my best guess is that it has something to do with permissions or configurations, but I'm not familiar with the server administration side of the application. Any suggestions would be appreciated!
Every time I've got the "Server not operational" in one of the infrastructure I worked on, it was because I was trying to connect an LDAP server on a bad adress. This was due to :
Bad DNS resolution
Bad Netbios resolution
Firewall filtering
My advice it to use DNS resolution for production and test environment, and to use direct IP adress for development environment.
Be sure 389 (or 636) port is binded on the adress you use and you can connect to it. On Windows Server 2008 LDP.EXE is a good tool to test LDAP connexion (present in W2K3 ressource kit). On development computer I use Apache Directory Studio which is also a good tool to test Directory connectivity and content.
I have come across the same error in one of our legacy applications. This is a memory leak issue. To work around this, I made sure that the code was disposing of the Directory entry once done using it. Something like:
using (System.DirectoryServices.DirectoryEntry OUEntry
= new DirectoryEntry(domain, userName, userPassword))
{
// your code here
}