We are unable to send the data to SQL database using SQL adapter in BizTalk.
The error we are facing is:
error in initializing provider [DBNETLIB]ConnectionOpen(SECCreateCredentials()]SSL Security error
We have recently enabled TLS 1.2 and disabled lower versions on both BizTalk and SQL servers.
We checked that SQL server native client version 11 was also installed in both servers.
We have tried creating ODBC connection using SQL serve native client 11 and that also didn't work.
Can you please suggest what is causing the issue and any other changes needs to be implemented.
Related
I have been digging for answers for this issue and have not been able to solve it. I believe it is a TLS issue but nothing I've tried fixes it. Setup ...
The reporting application server trying to connect to the database server via ODBC SQL Server is using the SQLSRV32.DLL version 6. (I know the driver is old and updating would probably fix the issue but that is not so easy to do). I have confirmed on both hosts that TLS 1.0 is not enabled. I did this by checking the registry under "SCHANNEL->Protocols" and using "Internet Options -> Advanced Tab". Both only have TLS 1.1 and TLS 1.2 checked. The error is "Error 772; Connection Failed; SSL Security Error". I found a host with an updated ODBC driver (v10) and it can connect to the database.
I have another DB and reporting server with what appears to be identical configurations, using the same old SQL driver, but they are not having the issue. Trying to connect from this reporting server to the other database fails too.
I believe this is an issue with the database server, possibly SQL Server, but am stuck on what to look for.
Any guidance on what else to look at would be appreciated.
Installed IBM Mobilefirst 8 server with WAS 8.5.5.12 using Apache derby database.
Facing below error while checking connection of datasource which are created for mobilefirst server :
java.lang.Exception: DSRA8101E: DataSource class cannot be used as one-phase: ClassCastException: org.apache.derby.jdbc.AutoloadedDriver40 incompatible with org.apache.derby.jdbc.InternalDriver
Working fine with mysql database.
While this message would normally indicate that a data source implementation class was specified that does not implement javax.sql.ConnectionPoolDataSource, I don't believe that is the case here based on the classes identified in the exception message. Another possible cause is that multiple copies of the Derby JDBC driver are on the classpath at the same time. It should be noted that WebSphere Application Server traditional ships a copy of the Derby JDBC driver. If you do have two copies, is it possible to switch to only using the one that is shipped with the application server? If that is not possible, you might be able to work around this by selecting the option to isolate your JDBC provider.
For use with MFP 8.0 standalone server with Websphere Application Server 8.5.5.5, use DB2,MySQL or Oracle
I am trying to connect to an internal SQL database which allows TLS 1.2 protocol only.
I am able to log-in to the database using the SQL Server Management studio.
I'd like to connect to that same database using Excel 2013 (for a more graphic report). I have read a lot on Excel having problems with TLS1.2 and the use of ODBC Driver instead since that is the only one which supports tls 1.2.
Sadly when entering the credentials and testing the connection we receive the following error:
TEST CONNECTION FAILED BECAUSE OF AN ERROR ININITIALIZING PROVIDER. UNSPECIFIED ERROR
Does anybody have experience with using Excel to connect to SQL Server using TLS1.2? Am I doing something wrong? I'm using the Data link: Microsoft OLE DB Provider for ODBC drivers. The normal SQL way of adding things doesn't work either but I believe that's because TLS1.2 isn't supported there.
If I recall correctly, Management Studio will connect on port 1433 by default and use the TDS protocol and really have nothing to do with TLS. So it is not surprising that it works in SSMS.
From https://blogs.msdn.microsoft.com/sql_pfe_blog/2017/09/27/microsoft-excel-tls-sql-server-important-considerations/
For all NEW workbooks, do not use that menu option. Instead use the
"From Data Connection Wizard" and select a compliant driver from the
list. A requirement is that you have the SQL Native Client (2008 or
2012) or ODBC drivers with appropriate patches per TLS 1.2 support for
Microsoft SQL Server below.
So it seems like just using ODBC will not work unless ODBC on your machine has been patched to handle TLS 1.2.
I believe the ODBC update you need is below.
https://www.microsoft.com/en-us/download/details.aspx?id=36434&751be11f-ede8-5a0c-058c-2ee190a24fa6=True
We recently migrated an application database to a new version from winserv2008/sql2008 to winserv2012R2/Sql2014. A service that pulls on this DB needs to be redesigned to accommodate some minor table/view definition changes.
Running the service code through tests under my personal security context works fine. However, installing and starting the service under .\LocalSystem is problematic. Looking at the service logs in event viewer I see that the service tries to connect to the sql server but gets a ERROR[28000] Login failed for user 'Domain\LocalSystemName$'.
The connection is via ODBC, SQL Server Native Client 11.0. Connection string is like:
"dsn=dsn_name;Driver={SQL Server Native Client 11.0};Database=database_name;Integrated Security=False;uid=accountname;pwd=accountpassword;Connect Timeout=15;ApplicationIntent=ReadOnly;"
Also, through the course of troubleshooting I've discovered/confirmed several things.
The sql server credentials I am using are correct, they are also being used to connect from a SQL2016 instance to the SQL14 server as a linked server.
The original service install on a utility server appears to be hitting the new database fine after the ODBC connection settings were switched.
My questions are:
Have you run into anything like this before?
Am I missing something simple in my connection string?
Are there per machine security settings in sql14 that I'm missing?
I'm trying to switch off TLS 1.0 on my SQL Server 2012 server in order to comply with PCI standards.
Initially I had some trouble with the SQL Server service not starting.
I've found help online on other sites and discussions but I'm having mixed results:
This is what I've done so far:
I have downloaded SQL Server 2012 Cumulative Update 7 (CU 6 also works) and the SQL Server Service then starts correctly.
I had a problem not being able to sign in to the DB instance through SQL Server Enterprise Manager which was fixed by installing .Net 4.6.
Next problem, client computer running IIS Application is unable to connect to SQL instance because of a 'handshaking SSL error'. I followed advice and installed the latest SNAC native client.
This was difficult to track down and the latest version available as a download from Microsoft was from 2014. I then obtained sqlnclient.msi dated 9/7/2015 revision number {E6CB4138-3D1C-4ADC-95C4-88322B60FC14} from a sub folder generated by the extract of CU 7 - "Path to Extract Folder \1033_enu_lp\x64\setup\x64".
I've updated this version of the Native client on my IIS server (and .Net 4.6) and I'm still unable to connect remotely to the SQL instance. If I enable TLS 1.0 I'm able to connect.
The exact error I'm getting is 'A connection was sucessfully established with the server, but then an error occurred during the pre-login handshake'.
My diagnosis is I don't have the correct version of SNAC on my machine compatible with TLS 1.2 and the CU 7 as the client and server cannot handshake. However, this sqlnclient.msi was extracted from the CU 7 and I cannot find a more up to date copy.
Has anyone else experienced this problem? What version of the SNAC are you using? Where did you get it?
Thanks
As of January 29th, Microsoft SQL Server supports TLS 1.2 for SQL Server 2008, SQL Server 2008 R2, SQL Server 2012 and SQL Server 2014 and major client drivers like Server Native Client, Microsoft ODBC Driver for SQL Server, Microsoft JDBC Driver for SQL Server and ADO.NET (SqlClient).
Blog post about the release: http://blogs.msdn.com/b/sqlreleaseservices/archive/2016/01/29/tls-1-2-support-for-sql-server-2008-2008-r2-2012-and-2014.aspx
List of builds that support TLS 1.2 along with the client and server component download locations (KB3135244): http://support.microsoft.com/kb/3135244
Did you get the client update from the KB (https://support.microsoft.com/en-us/kb/3052468)
Package name: 2012_SP2_SNAC_CU6_3052468_11_0_5592_x64
Download link: http://support2.microsoft.com/hotfix/KBHotfix.aspx?kbnum=3052468&kbln=en-us
What is the provider name in your IIS site?
You will need the KB3052468 update both for the client and the server. They are available on the hotfix download link provided.