• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 537
  • Last Modified:

Microsoft JDBC driver permissions

I have an application that started trying to connect to the SQL server using SSL after restart. Is there a security setting or permission deployment for java that would make the JBBC driver request connections use SSL. The connection was working fine for several months and I can still connect using ODBC

The error I get is:
:[trycatch] Caught exception: com.microsoft.sqlserver.jdbc.SQLServerException:
 the driver could not establish a secure connection to SQL Server by using Secure
 Sockets Layer (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed.".
      [echo] ERROR: com.microsoft.sqlserver.jdbc.SQLServerException: The driver
 could not establish a secure connection to SQL Server by using Secure Sockets Lay
 er (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed.".
0
Robert Timmons
Asked:
Robert Timmons
  • 5
  • 5
1 Solution
 
sr75Commented:
the driver should allow for no SSL, try SSL, and only SSL for sql connections.

This should help you to understand how it should be configured.

http://msdn.microsoft.com/en-us/library/bb879935(v=sql.110).aspx
0
 
Robert TimmonsSenior Technical ConsultantAuthor Commented:
Sorry, I guess I was not clear. I do not want to connect SSL. The application was working correctly before restart and then after could not longer connect to SQL and when I looked at the log it reports it cannot establish a SSL connection. What would cause a JDBC connection to start wanting to use SSL. I have already checked that FIPS is not enabled since that has caused issues in the past.
0
 
sr75Commented:
that is why I gave you the link so you can look at how it is making the connection and whether or not your SQL server is requiring SSL for the queries.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
Robert TimmonsSenior Technical ConsultantAuthor Commented:
SQL is not set to force encryption
0
 
sr75Commented:
okay, now look the jdbc command string to ensure it doesn't require encryption as well.
0
 
Robert TimmonsSenior Technical ConsultantAuthor Commented:
The connection string does not include encryption settings either. The application connected just fine for months and no changes made to application. That why I am stumped as too why it is trying to connect SSL after a restart
0
 
sr75Commented:
are you sure there isn't another connection string?  It shouldn't be trying to connect with SSL if it is not being told to.
0
 
Robert TimmonsSenior Technical ConsultantAuthor Commented:
I went to the team that wrote the application and they tell me there is nothing that would make it try to connect SSL and that it must be infrastructure. The only other time I ran into this problem with this particular application was when FIPS was enabled because the JDBC drive is FIPS aware but once I turned FIPS off then the issue went away but I have triple checked that FIPS is not enabled. The parameters of the connection string are below. I checking now to see if there is any other app on the machine that is using java

<db-connection name="XXXXX">
            <url>jdbc:sqlserver://servername:1433;Database=CORE_Scrub;ApplicationName=HMS;LoginTimeout=300</url>
            <driver>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver>
            <user>HMS</user>
            <password>FpuS7WwhbegupK+/yHaniQ\=\=</password>
            <min-size>80</min-size>
            <max-size>100</max-size>
            <idle-timeout-minutes>1</idle-timeout-minutes>
        </db-connection>
0
 
sr75Commented:
You are right, there is nothing in that string that tells it to try SSL.   But the app is trying an SSL connection.  I would look at the code and verify that is the only JDBC code in app.  It doesn't make sense other wise.
0
 
Robert TimmonsSenior Technical ConsultantAuthor Commented:
I've requested that this question be deleted for the following reason:

Found my own solution
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now