Dbnetlib connectionopen seccreatecredentials ошибка безопасности ssl

My server is windows 2008 server r2.
I found the following error on my server after disable tls 1.0 and SSLv3.

[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security
error.

Currently, only TLS 1.2 is enabled on my server, and at the client side the TLS 1.2 is set on

Is it posible if [DBNETLIB] is running on TLS 1.2?

There might be chances that ODBC 11.0 earlier version is been installed. In this case the connection string should be
Driver={ODBC Driver 11 for SQL Server};Server=myServerAddress;Database=myDataBase;Trusted_Connection=yes;

And also check TLS 1.2 is enabled

answered Dec 12, 2018 at 16:04

After disabling TLS 1.0 and 1.1 on Windows Server 2016 we were able to get our ASP Classic scripts database connections working again in the following way:

1. Download and install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL)
2. Replace Provider=SQLOLEDB; with Provider=MSOLEDBSQL; in all connection strings for the ASP Classic scripts
3. Done! (no restart needed)

Note: The previous (same name but different abbreviation) Microsoft OLE DB Provider for SQL Server (SQLOLEDB) and SQL Server Native Client OLE DB provider (SQLNCLI) remains deprecated and it is not recommended to use either for new development work. (source)

answered Jan 12, 2022 at 13:25

I had to do several things. The server was Windows 2016 Standard testing with a .txt file I changed to .UDL. This server was trying to connect to our Sql Server 2008 R2 SP3

On the 2016 box I installed SQL Server Native client 10.0

Get that here : https://www.microsoft.com/en-us/download/details.aspx?id=57606

Finally on the sql server box I had to install patch KB4057113 to enable TLS1.2

Note when testing the connection by opening the .UDL file don’t forget to change the provider to SQL Server Native Client 10.0

answered Jun 21, 2019 at 18:58

Similiar to Jonas Appelgran’s answer, but some slight changes to solve our issue.

1. Download and install install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL)
2. Replace Provider=SQLOLEDB; with Provider=MSOLEDBSQL19; in all connection strings for the ASP Classic scripts (note the version of the driver was needed)
3. At this point, was still getting the following error:

SSL Provider: The certificate chain was issued by an authority that is
not trusted.

After some research, I found that I also needed to either trust the server certificate or set the encryption to false in the connection string:

Trust Server Certificate=True;
and/or
Use Encryption for Data=False;

Need to update these depending on your situation but it was an internal intranet application only for us so either option was fine. (Otherwise you would need to create and install either a self-signed certificate or one from your organization’s CA.)

answered Jul 11, 2022 at 22:27

1. Open Regedit (Wind+R > regedit)
2. Locate HKLM\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib
3. Create a new word value and name it «Certificate» set the value to this: «Certificate=0»
4. Also modify the default REG_SZ and set the value to «Certificate=0»
5. Restart the MSSQL service

Hope this helps since worked for me.

answered Dec 15, 2017 at 15:03

My server is windows 2008 server r2.
I found the following error on my server after disable tls 1.0 and SSLv3.

[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security
error.

Currently, only TLS 1.2 is enabled on my server, and at the client side the TLS 1.2 is set on

Is it posible if [DBNETLIB] is running on TLS 1.2?

There might be chances that ODBC 11.0 earlier version is been installed. In this case the connection string should be
Driver={ODBC Driver 11 for SQL Server};Server=myServerAddress;Database=myDataBase;Trusted_Connection=yes;

And also check TLS 1.2 is enabled

answered Dec 12, 2018 at 16:04

After disabling TLS 1.0 and 1.1 on Windows Server 2016 we were able to get our ASP Classic scripts database connections working again in the following way:

1. Download and install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL)
2. Replace Provider=SQLOLEDB; with Provider=MSOLEDBSQL; in all connection strings for the ASP Classic scripts
3. Done! (no restart needed)

Note: The previous (same name but different abbreviation) Microsoft OLE DB Provider for SQL Server (SQLOLEDB) and SQL Server Native Client OLE DB provider (SQLNCLI) remains deprecated and it is not recommended to use either for new development work. (source)

answered Jan 12, 2022 at 13:25

I had to do several things. The server was Windows 2016 Standard testing with a .txt file I changed to .UDL. This server was trying to connect to our Sql Server 2008 R2 SP3

On the 2016 box I installed SQL Server Native client 10.0

Get that here : https://www.microsoft.com/en-us/download/details.aspx?id=57606

Finally on the sql server box I had to install patch KB4057113 to enable TLS1.2

Note when testing the connection by opening the .UDL file don’t forget to change the provider to SQL Server Native Client 10.0

answered Jun 21, 2019 at 18:58

Similiar to Jonas Appelgran’s answer, but some slight changes to solve our issue.

1. Download and install install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL)
2. Replace Provider=SQLOLEDB; with Provider=MSOLEDBSQL19; in all connection strings for the ASP Classic scripts (note the version of the driver was needed)
3. At this point, was still getting the following error:

SSL Provider: The certificate chain was issued by an authority that is
not trusted.

After some research, I found that I also needed to either trust the server certificate or set the encryption to false in the connection string:

Trust Server Certificate=True;
and/or
Use Encryption for Data=False;

Need to update these depending on your situation but it was an internal intranet application only for us so either option was fine. (Otherwise you would need to create and install either a self-signed certificate or one from your organization’s CA.)

answered Jul 11, 2022 at 22:27

1. Open Regedit (Wind+R > regedit)
2. Locate HKLM\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib
3. Create a new word value and name it «Certificate» set the value to this: «Certificate=0»
4. Also modify the default REG_SZ and set the value to «Certificate=0»
5. Restart the MSSQL service

Hope this helps since worked for me.

answered Dec 15, 2017 at 15:03

С начала мая началась рассылка обновления операционной системы windows 10 версии 1803(сборка 17134).В результате в некоторых случаях невозможно подключится к локальному MS SQL серверу (ошибка безопасности SSL), на текущей момент есть три решения проблемы:
1) Запустите приложение Параметры, перейдите в раздел Обновление и безопасность и выберите вкладку Восстановление. Выберите опцию Вернуться к предыдущей версии Windows 10
2) Удаление КриптоПро СSP
3) Удалите ключ в реестре HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Providers\Crypto-Pro Primitive Provider\UM\00010002 и перезагрузите машину.Работоспособность SQL Server будет восстановлена, но может на некоторых сайтах не работать ГОСТ TLS.

4) Владельцам Крипто-Про версии 4.0 для устранения данной проблемы можно перейти на использование промежуточной сборки КриптоПро CSP 4.0 R4.

Если возникает ошибка вида [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error при обращении к MSSQL серверу, то решение следующее:
Необходимо установить значение Enable параметру групповой политики безопасности
Local Security Policy —> Local Policies —> Security Options —> ‘System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing

Затем от имени администратора выполнить в командной строке:
gpupdate /force