question

gnaneshwarmuthaluri-4068 avatar image
0 Votes"
gnaneshwarmuthaluri-4068 asked DSPatrick edited

microsoft ole db provider for sql server working on local machine but not on server after TLS 1.0 and TLS 1.1 disable

We have an application which uses microsoft ole db provider for sql server  to read data from sql server. 




After our DBA team disabled TLS 1.0 and TLS 1.1 




Application on the server stopped working and when I tried connecting to database using Microsoft ole db provider for sql server  I received below error 

[DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error




But when I am able to connect to the same database and same driver without any issues from my local machine. 




I am not sure why the same connection works on one machine but not on another, any inputs are appreciated




















sql-server-general
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @gnaneshwarmuthaluri-4068,
How are things going? Did the answers help you?
Please feel free to let us know if you have any other question.
If you find any post in the thread is helpful, you could kindly accept it as answer.
Best Regards,
Amelia

0 Votes 0 ·

sqloledb + TLS 1.2 is broken on Server 2016. It will only work if TLS 1.0 is enabled. It works fine on Server 2019. The Version of the sqloledb.dll is newer on Server 2019. I have not found a KB or OLE driver update that will update the version on Server 2016 to the version found on Server 2019.

Hopefully Microsoft will fix this. (although they may have provided a TLS 1.2 compatible version on Server 2019 by accident).

0 Votes 0 ·

As I say in my answer below, SQLOLEDB is a very old provider, and you should not use it. They may have slapped TLS 1.2 on to it in Windows Server 2019, but there are a lot of features added in SQL 2005 and later that SQLOLEDB does not support. What you should use is the MSOLEDBSQL provider.

0 Votes 0 ·
ErlandSommarskog avatar image
0 Votes"
ErlandSommarskog answered

What operating system has the server? What has your local machine?

In any case SQLOLEDB is a very old provider, and you should looking to moving to the more recent MSOLEDBSQL provider.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AmeliaGu-msft avatar image
0 Votes"
AmeliaGu-msft answered

Hi @gnaneshwarmuthaluri-4068,

[DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error

Are you using SQLOLEDB driver?
Have you enabled TLS 1.2 when disabling TLS 1.1 and 1.0 for SQL Server?
If so, SQLOLEDB will not receive support for TLS 1.2, and has been deprecated. You can use Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL) driver, which features backwards compatibility with SQLOLEDB and can be used as a replacement. In addition, to use the MSOLEDBSQL in applications, you need to convert your connection strings from SQLOLEDB to MSOLEDBSQL. Please refer to this doc which might help.

Best Regards,
Amelia


If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.