Skip to main content

Qlik

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Announcements
A fresh, new look for the Data Integration & Quality forums and navigation! Read more about what's changed.
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
PCigolini
Contributor
‎2021-02-02 05:37 PM

TLS version issue with DB connection to Azure MSSQL database

We are receiving the following error when testing our Db Connection to Microsoft Azure SQL server. We are on the latest version of JRE and have loaded the latest mssql-jdbc.jar into Talend.

Connection failure. You must change the Database Settings.

 java.lang.RuntimeException: java.sql.SQLException: Reason: Login failed due to client TLS version being less than minimal TLS version allowed by the server.

   at org.talend.core.model.metadata.builder.database.JDBCDriverLoader.getConnection(JDBCDriverLoader.java:208)

   at org.talend.core.model.metadata.builder.database.ExtractMetaDataUtils.connect(ExtractMetaDataUtils.java:1146)

   at org.talend.core.model.metadata.builder.database.ExtractMetaDataFromDataBase.testConnection(ExtractMetaDataFromDataBase.java:315)

   at org.talend.metadata.managment.repository.ManagerConnection.check(ManagerConnection.java:290)

   at org.talend.repository.ui.wizards.metadata.connection.database.DatabaseForm$67.runWithCancel(DatabaseForm.java:4208)

   at org.talend.repository.ui.wizards.metadata.connection.database.DatabaseForm$67.runWithCancel(DatabaseForm.java:1)

   at org.talend.repository.ui.dialog.AProgressMonitorDialogWithCancel$1.runnableWithCancel(AProgressMonitorDialogWithCancel.java:77)

   at org.talend.repository.ui.dialog.AProgressMonitorDialogWithCancel$ARunnableWithProgressCancel$1.call(AProgressMonitorDialogWithCancel.java:161)

   at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)

   at java.base/java.lang.Thread.run(Thread.java:832)

 Caused by: java.sql.SQLException: Reason: Login failed due to client TLS version being less than minimal TLS version allowed by the server.

   at net.sourceforge.jtds.jdbc.SQLDiagnostic.addDiagnostic(SQLDiagnostic.java:372)

   at net.sourceforge.jtds.jdbc.TdsCore.tdsErrorToken(TdsCore.java:2988)

   at net.sourceforge.jtds.jdbc.TdsCore.nextToken(TdsCore.java:2421)

   at net.sourceforge.jtds.jdbc.TdsCore.login(TdsCore.java:632)

   at net.sourceforge.jtds.jdbc.JtdsConnection.<init>(JtdsConnection.java:371)

   at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:184)

   at org.talend.core.model.metadata.builder.database.DriverShim.connect(DriverShim.java:41)

   at org.talend.core.model.metadata.builder.database.JDBCDriverLoader.getConnection(JDBCDriverLoader.java:199)

   ... 9 more

Labels (2)
Labels
746 Views
0 Likes
3 Replies
prg
Employee
‎2021-02-03 12:51 PM

Hi @Paul Cigolini​,

 

Please note that TLS support is dependant on the JDK version and not talend.

 

They are setting JDK 8 to use TLS 1.2 as the default.

 

Please refer to the below document for reference;

https://blogs.oracle.com/java-platform-group/jdk-8-will-use-tls-12-as-default

 

Also, try to provide additional JDBC parameter to URL i.e. "?enabledTLSProtocols=TLSv1.2"

 

Additionally, Here is the nice documentation on how to force ms-sql to accept TLSv1.2, as it can be also a limit from the system:

https://dev.mysql.com/doc/refman/5.7/en/encrypted-connection-protocols-ciphers.html

 

Change the system-wide host configuration to permit additional TLS protocols. Consult your operating system documentation for instructions. For example, your system may have an /etc/ssl/openssl.cnf file that contains these lines to restrict TLS protocols to TLSv1.2 or higher:

[system_default_sect]

MinProtocol = TLSv1.2

 

Then, once connected on the mssql server, what can you see at:

mysql> SHOW GLOBAL VARIABLES LIKE 'tls_version';

 

Then on mssql my.cnf configuration file, please add under [mysqld]:

[mysqld]

tls_version=TLSv1.2

Restart mssqld

 

Studio Side:

 

You can force the use of TLSV1.2 with an option:

-Dhttps.protocols=TLSv1.2 that you'll write down on the studio ini file

 

Please revert back to the community, if needed.

 

Regards,

Vaishnavi

746 Views
0 Likes
PCigolini
Contributor
‎2021-02-03 01:26 PM
Author

Hi Vaishnavi,

 

Thank you for suggestions.

 

Our JDK version is the latest available.

 

We also tried applying the parameter to the DB connection settings as you suggested, with no success.

 

Unfortunately, we are limited in trying your other suggestions because we are on Microsoft SQL Server (not mysql), and we are not going to be able to change the configuration in SQL anyway due to security issues.

 

Paul

746 Views
0 Likes
Arjun1
Contributor III
‎2021-04-29 08:43 AM

@Paul Cigolini​ ,

You can pass ssl=require in additional parameters on tDBConnection component of MSSQL to make it successful connection. it worked for me. Thank you.

746 Views
0 Likes
Top