SSL Security Error when connecting to SQL Database in a "TLS 1.2"-only configuration

Symptoms

After setting the registry values to use TLS 1.2 only in Windows, when connecting to a FlexiCapture Database an error of the following format is shown:

[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error

Cause

This may be caused by several factors:

1. The SQL Database version is one that does not support TLS 1.2

2. The .NET framework version does not support TLS 1.2

3. The database connection provider does not support TLS 1.2

Resolution

Depending on a specific cause, there are different solutions available:

1. Check if your current SQL Database installation version supports TLS 1.2. You can refer to the following article from Microsoft about TLS-supported versions of SQL Server. Please, update accordingly, taking all the precautionary backup measures before upgrading.

2. Check if your current .NET version supports TLS 1.2. .NET Framework version 4.X should support TLS 1.2 natively, but some 3.X versions may require additional updates or patches for the TLS 1.2 support. You may refer to the following Microsoft article for additional information.

3. Check if the database connection provider that is currently used supports TLS 1.2. The default provider for FlexiCapture 12 is SQL Native Client 11 (SQLNCLI11), but depending on its specific version it may not support TLS 1.2. An update to the SQLNC11 might be necessary.
Alternatively, it is possible to use a different SQL provider that supports TLS 1.2 for the database connection. For example, you can use the MSOLEDBSQL, for the FC12 database connection by installing this driver onto your system and specifying it in the connection string found in the following file:
C:\inetpub\wwwroot\FlexiCapture12\Server\web.config

Find the following line:

<connectionStrings> <add name="FlexiCapture12ConnectionString" connectionString="Provider=MSOLEDBSQL ...

And replace the "Provider" value with MSOLEDBSQL.

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.