Failure to connect to sql server 2008 with ssl version.

Question

Failure to connect to sql server 2008 with ssl version.

chenall opened this issue 10 months ago · 5 comments

chenall commented 10 months ago

2008 fail
tdsdump-2008.log

2012 ok
tdsdump-2012.log

Answer 1 · 2024-03-09T08:58:20.000Z

dumps using wireshark to grab the same server using osql and osql connections

wireshark-dump.zip

Answer 2 · 2024-03-09T17:20:18.000Z

Usually TLS handshake failure means the server is not supporting recent enough settings. In this case the server seems to try using TLS 1.1.

Answer 3 · 2024-03-11T02:07:42.000Z

I tried installing KB4057113 to support TLS 1.2

Works properly on Windows 10 with sqlserver 2008 r2
Failed on Windows 7 with sqlserver 2008 r2.

Is there any other way to solve this problem?
I'm currently disable encrypted for SQL 2008.

Answer 4 · 2024-03-12T14:04:31.000Z

This is my configuration at %AppData%\.freetds.conf, it can connect with SQL Server 2008 with port 1455

[global]
  # TDS protocol version
  tds version = auto
  enable tls v1 = true

  # Whether to write a TDSDUMP file for diagnostic purposes
  # (setting this to /tmp is insecure on a multi-user system)
  dump file = /tmp/freetds.log
  debug flags = 0xffff

  # Command and connection timeouts
  ; timeout = 10
  ; connect timeout = 10
  
  # To reduce data sent from server for BLOBs (like TEXT or
  # IMAGE) try setting 'text size' to a reasonable limit
  ; text size = 64512

  # If you experience TLS handshake errors and are using openssl,
  # try adjusting the cipher list (don't surround in double or single quotes)
  # openssl ciphers = HIGH:!SSLv2:!aNULL:-DH

[sql2008]
  host = localhost
  port = 1455
  tds version = 7.0

Answer 5 · 2024-03-13T01:17:56.000Z

@taozuhong tds 7.0 does not use SSL.

enable tls v1 I've tried it doesn't work.

Looks similar to #299.