How to connect to MSSQL Server with windows authentication and Force Encryption set to true












5















I was connecting to Sql Server 2008 & 2008+ via Java program with




  • Java 8

  • Sql jdbc microsoft driver 4.1

  • Connection string: DriverManager.getConnection("jdbc:sqlserver://<Ip>;instance=MSSQLSERVER;domain=<domain>;IntegratedSecurity=true;ssl=request;", "administrator", "password");


I was able to connect successfully.
However when I enabled Force encryption to true in the sql server via sql server configuration manager.



enter image description here
I started getting following error.



com.microsoft.sqlserver.jdbc.SQLServerException: An existing connection was forcibly closed by the remote host ClientConnectionId:xxxx


FYI:
I have already tried adding below parameters in connection string.




  • ssl=request

  • ssl=require

  • encrypt=true

  • trustServerCertificate=true

  • Also I have tried upgrading the driver to 4.2 & mssql driver 7.0

  • Tried jtds driver as well

  • Point to be noted: I am able to connect to instance via ssms


EDIT 1



- Another important point - It's happening only for windows authentication (enabled via IntegratedSecurity=true; in connection string).
So this case is happening only when Force encryption is set to true and we try to connect in windows authentication mode.










share|improve this question

























  • Have you tried upgrading to a newer driver (4.1 and 4.2 are pretty old, current latest is 7.0.0)?

    – Mark Rotteveel
    Nov 10 '18 at 9:14











  • @MarkRotteveel Yes, I have tried upgrading to latest mssql jdbc driver 7.0.0 as well. No luck.

    – Vaibhav Jain
    Nov 10 '18 at 10:17











  • Which Java 8 version are you using? Things changed in the SSL/TLS support during the Java 8 release cycle, maybe there is an incompatibility with the SQL Server 2008 SSL/TLS support.

    – Mark Rotteveel
    Nov 10 '18 at 10:18











  • @MarkRotteveel One more point. When I upgrade to latest 7.0.0 driver the exception error was different com.microsoft.sqlserver.jdbc.SQLServerException:Connection reset ClientConnectionId:xxx

    – Vaibhav Jain
    Nov 10 '18 at 10:19













  • @MarkRotteveel I am using 1.8.0_191 version

    – Vaibhav Jain
    Nov 10 '18 at 10:20
















5















I was connecting to Sql Server 2008 & 2008+ via Java program with




  • Java 8

  • Sql jdbc microsoft driver 4.1

  • Connection string: DriverManager.getConnection("jdbc:sqlserver://<Ip>;instance=MSSQLSERVER;domain=<domain>;IntegratedSecurity=true;ssl=request;", "administrator", "password");


I was able to connect successfully.
However when I enabled Force encryption to true in the sql server via sql server configuration manager.



enter image description here
I started getting following error.



com.microsoft.sqlserver.jdbc.SQLServerException: An existing connection was forcibly closed by the remote host ClientConnectionId:xxxx


FYI:
I have already tried adding below parameters in connection string.




  • ssl=request

  • ssl=require

  • encrypt=true

  • trustServerCertificate=true

  • Also I have tried upgrading the driver to 4.2 & mssql driver 7.0

  • Tried jtds driver as well

  • Point to be noted: I am able to connect to instance via ssms


EDIT 1



- Another important point - It's happening only for windows authentication (enabled via IntegratedSecurity=true; in connection string).
So this case is happening only when Force encryption is set to true and we try to connect in windows authentication mode.










share|improve this question

























  • Have you tried upgrading to a newer driver (4.1 and 4.2 are pretty old, current latest is 7.0.0)?

    – Mark Rotteveel
    Nov 10 '18 at 9:14











  • @MarkRotteveel Yes, I have tried upgrading to latest mssql jdbc driver 7.0.0 as well. No luck.

    – Vaibhav Jain
    Nov 10 '18 at 10:17











  • Which Java 8 version are you using? Things changed in the SSL/TLS support during the Java 8 release cycle, maybe there is an incompatibility with the SQL Server 2008 SSL/TLS support.

    – Mark Rotteveel
    Nov 10 '18 at 10:18











  • @MarkRotteveel One more point. When I upgrade to latest 7.0.0 driver the exception error was different com.microsoft.sqlserver.jdbc.SQLServerException:Connection reset ClientConnectionId:xxx

    – Vaibhav Jain
    Nov 10 '18 at 10:19













  • @MarkRotteveel I am using 1.8.0_191 version

    – Vaibhav Jain
    Nov 10 '18 at 10:20














5












5








5


2






I was connecting to Sql Server 2008 & 2008+ via Java program with




  • Java 8

  • Sql jdbc microsoft driver 4.1

  • Connection string: DriverManager.getConnection("jdbc:sqlserver://<Ip>;instance=MSSQLSERVER;domain=<domain>;IntegratedSecurity=true;ssl=request;", "administrator", "password");


I was able to connect successfully.
However when I enabled Force encryption to true in the sql server via sql server configuration manager.



enter image description here
I started getting following error.



com.microsoft.sqlserver.jdbc.SQLServerException: An existing connection was forcibly closed by the remote host ClientConnectionId:xxxx


FYI:
I have already tried adding below parameters in connection string.




  • ssl=request

  • ssl=require

  • encrypt=true

  • trustServerCertificate=true

  • Also I have tried upgrading the driver to 4.2 & mssql driver 7.0

  • Tried jtds driver as well

  • Point to be noted: I am able to connect to instance via ssms


EDIT 1



- Another important point - It's happening only for windows authentication (enabled via IntegratedSecurity=true; in connection string).
So this case is happening only when Force encryption is set to true and we try to connect in windows authentication mode.










share|improve this question
















I was connecting to Sql Server 2008 & 2008+ via Java program with




  • Java 8

  • Sql jdbc microsoft driver 4.1

  • Connection string: DriverManager.getConnection("jdbc:sqlserver://<Ip>;instance=MSSQLSERVER;domain=<domain>;IntegratedSecurity=true;ssl=request;", "administrator", "password");


I was able to connect successfully.
However when I enabled Force encryption to true in the sql server via sql server configuration manager.



enter image description here
I started getting following error.



com.microsoft.sqlserver.jdbc.SQLServerException: An existing connection was forcibly closed by the remote host ClientConnectionId:xxxx


FYI:
I have already tried adding below parameters in connection string.




  • ssl=request

  • ssl=require

  • encrypt=true

  • trustServerCertificate=true

  • Also I have tried upgrading the driver to 4.2 & mssql driver 7.0

  • Tried jtds driver as well

  • Point to be noted: I am able to connect to instance via ssms


EDIT 1



- Another important point - It's happening only for windows authentication (enabled via IntegratedSecurity=true; in connection string).
So this case is happening only when Force encryption is set to true and we try to connect in windows authentication mode.







java sql sql-server jdbc






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 23 '18 at 4:12







Vaibhav Jain

















asked Nov 10 '18 at 8:13









Vaibhav JainVaibhav Jain

659923




659923













  • Have you tried upgrading to a newer driver (4.1 and 4.2 are pretty old, current latest is 7.0.0)?

    – Mark Rotteveel
    Nov 10 '18 at 9:14











  • @MarkRotteveel Yes, I have tried upgrading to latest mssql jdbc driver 7.0.0 as well. No luck.

    – Vaibhav Jain
    Nov 10 '18 at 10:17











  • Which Java 8 version are you using? Things changed in the SSL/TLS support during the Java 8 release cycle, maybe there is an incompatibility with the SQL Server 2008 SSL/TLS support.

    – Mark Rotteveel
    Nov 10 '18 at 10:18











  • @MarkRotteveel One more point. When I upgrade to latest 7.0.0 driver the exception error was different com.microsoft.sqlserver.jdbc.SQLServerException:Connection reset ClientConnectionId:xxx

    – Vaibhav Jain
    Nov 10 '18 at 10:19













  • @MarkRotteveel I am using 1.8.0_191 version

    – Vaibhav Jain
    Nov 10 '18 at 10:20



















  • Have you tried upgrading to a newer driver (4.1 and 4.2 are pretty old, current latest is 7.0.0)?

    – Mark Rotteveel
    Nov 10 '18 at 9:14











  • @MarkRotteveel Yes, I have tried upgrading to latest mssql jdbc driver 7.0.0 as well. No luck.

    – Vaibhav Jain
    Nov 10 '18 at 10:17











  • Which Java 8 version are you using? Things changed in the SSL/TLS support during the Java 8 release cycle, maybe there is an incompatibility with the SQL Server 2008 SSL/TLS support.

    – Mark Rotteveel
    Nov 10 '18 at 10:18











  • @MarkRotteveel One more point. When I upgrade to latest 7.0.0 driver the exception error was different com.microsoft.sqlserver.jdbc.SQLServerException:Connection reset ClientConnectionId:xxx

    – Vaibhav Jain
    Nov 10 '18 at 10:19













  • @MarkRotteveel I am using 1.8.0_191 version

    – Vaibhav Jain
    Nov 10 '18 at 10:20

















Have you tried upgrading to a newer driver (4.1 and 4.2 are pretty old, current latest is 7.0.0)?

– Mark Rotteveel
Nov 10 '18 at 9:14





Have you tried upgrading to a newer driver (4.1 and 4.2 are pretty old, current latest is 7.0.0)?

– Mark Rotteveel
Nov 10 '18 at 9:14













@MarkRotteveel Yes, I have tried upgrading to latest mssql jdbc driver 7.0.0 as well. No luck.

– Vaibhav Jain
Nov 10 '18 at 10:17





@MarkRotteveel Yes, I have tried upgrading to latest mssql jdbc driver 7.0.0 as well. No luck.

– Vaibhav Jain
Nov 10 '18 at 10:17













Which Java 8 version are you using? Things changed in the SSL/TLS support during the Java 8 release cycle, maybe there is an incompatibility with the SQL Server 2008 SSL/TLS support.

– Mark Rotteveel
Nov 10 '18 at 10:18





Which Java 8 version are you using? Things changed in the SSL/TLS support during the Java 8 release cycle, maybe there is an incompatibility with the SQL Server 2008 SSL/TLS support.

– Mark Rotteveel
Nov 10 '18 at 10:18













@MarkRotteveel One more point. When I upgrade to latest 7.0.0 driver the exception error was different com.microsoft.sqlserver.jdbc.SQLServerException:Connection reset ClientConnectionId:xxx

– Vaibhav Jain
Nov 10 '18 at 10:19







@MarkRotteveel One more point. When I upgrade to latest 7.0.0 driver the exception error was different com.microsoft.sqlserver.jdbc.SQLServerException:Connection reset ClientConnectionId:xxx

– Vaibhav Jain
Nov 10 '18 at 10:19















@MarkRotteveel I am using 1.8.0_191 version

– Vaibhav Jain
Nov 10 '18 at 10:20





@MarkRotteveel I am using 1.8.0_191 version

– Vaibhav Jain
Nov 10 '18 at 10:20












3 Answers
3






active

oldest

votes


















2














@Vivien @MarkRotteveel Thanks for your answers which gave me directions.



It turned out that sql server with version less then 11.0 were having troubles and various improvements were done as part of 11.0 version of sql server which rectified errors of windows authentication + encrypted connections connectivity.



enter image description here



So Sql server 2012 and above will support windows authentication with TLSv1.2, windows authentication along with encrypted connections seamlessly.
Now I am using




  • Java 8

  • Sql server driver 4.2

  • Windows 10

  • No extra parameters in connection string.


Just for reference: Found on Microsoft website.
enter image description here






share|improve this answer

































    1














    It's unclear from your original question wether you have already done this, but if not, try setting both at the same time: encrypt=true;trustServerCertificate=true



    Also, what do the SQL Server logs say?






    share|improve this answer


























    • Of course I have tried setting these both parameters simultaneously. But no luck.

      – Vaibhav Jain
      Nov 11 '18 at 20:16



















    1














    I think Mark Rotteveel has right.



    You need to check your version of both Java and SQL Server 2008.

    TLS 1.2 has been enable by default in Java 8 since the u122, and appear in SQL Server 2008 only in the service pack 4 (version 10.0.6547.0, select @@VERSION; for check it)
    If you don't meet the requierment, you have to choose between update the server or downgrade your jdk.
    Perhaps their is an option in the JDK to retrieve the behavior prior to the update 122, but if it's the case, I don't know it.



    And, for information, the mssql-jdbc driver has stop the support of SQL Server 2008 after the version 6.2.






    share|improve this answer



















    • 1





      I am able to connect to Sql server 2017 with Java 8 with mssql-jdbc driver 6+ even with TLSv1.2 enabled. This problem only happens when I enable encryption in Sql server.

      – Vaibhav Jain
      Nov 23 '18 at 4:10













    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53237187%2fhow-to-connect-to-mssql-server-with-windows-authentication-and-force-encryption%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2














    @Vivien @MarkRotteveel Thanks for your answers which gave me directions.



    It turned out that sql server with version less then 11.0 were having troubles and various improvements were done as part of 11.0 version of sql server which rectified errors of windows authentication + encrypted connections connectivity.



    enter image description here



    So Sql server 2012 and above will support windows authentication with TLSv1.2, windows authentication along with encrypted connections seamlessly.
    Now I am using




    • Java 8

    • Sql server driver 4.2

    • Windows 10

    • No extra parameters in connection string.


    Just for reference: Found on Microsoft website.
    enter image description here






    share|improve this answer






























      2














      @Vivien @MarkRotteveel Thanks for your answers which gave me directions.



      It turned out that sql server with version less then 11.0 were having troubles and various improvements were done as part of 11.0 version of sql server which rectified errors of windows authentication + encrypted connections connectivity.



      enter image description here



      So Sql server 2012 and above will support windows authentication with TLSv1.2, windows authentication along with encrypted connections seamlessly.
      Now I am using




      • Java 8

      • Sql server driver 4.2

      • Windows 10

      • No extra parameters in connection string.


      Just for reference: Found on Microsoft website.
      enter image description here






      share|improve this answer




























        2












        2








        2







        @Vivien @MarkRotteveel Thanks for your answers which gave me directions.



        It turned out that sql server with version less then 11.0 were having troubles and various improvements were done as part of 11.0 version of sql server which rectified errors of windows authentication + encrypted connections connectivity.



        enter image description here



        So Sql server 2012 and above will support windows authentication with TLSv1.2, windows authentication along with encrypted connections seamlessly.
        Now I am using




        • Java 8

        • Sql server driver 4.2

        • Windows 10

        • No extra parameters in connection string.


        Just for reference: Found on Microsoft website.
        enter image description here






        share|improve this answer















        @Vivien @MarkRotteveel Thanks for your answers which gave me directions.



        It turned out that sql server with version less then 11.0 were having troubles and various improvements were done as part of 11.0 version of sql server which rectified errors of windows authentication + encrypted connections connectivity.



        enter image description here



        So Sql server 2012 and above will support windows authentication with TLSv1.2, windows authentication along with encrypted connections seamlessly.
        Now I am using




        • Java 8

        • Sql server driver 4.2

        • Windows 10

        • No extra parameters in connection string.


        Just for reference: Found on Microsoft website.
        enter image description here







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Dec 12 '18 at 6:49

























        answered Dec 11 '18 at 11:18









        Vaibhav JainVaibhav Jain

        659923




        659923

























            1














            It's unclear from your original question wether you have already done this, but if not, try setting both at the same time: encrypt=true;trustServerCertificate=true



            Also, what do the SQL Server logs say?






            share|improve this answer


























            • Of course I have tried setting these both parameters simultaneously. But no luck.

              – Vaibhav Jain
              Nov 11 '18 at 20:16
















            1














            It's unclear from your original question wether you have already done this, but if not, try setting both at the same time: encrypt=true;trustServerCertificate=true



            Also, what do the SQL Server logs say?






            share|improve this answer


























            • Of course I have tried setting these both parameters simultaneously. But no luck.

              – Vaibhav Jain
              Nov 11 '18 at 20:16














            1












            1








            1







            It's unclear from your original question wether you have already done this, but if not, try setting both at the same time: encrypt=true;trustServerCertificate=true



            Also, what do the SQL Server logs say?






            share|improve this answer















            It's unclear from your original question wether you have already done this, but if not, try setting both at the same time: encrypt=true;trustServerCertificate=true



            Also, what do the SQL Server logs say?







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Nov 11 '18 at 20:10

























            answered Nov 11 '18 at 20:01









            Justin CerveroJustin Cervero

            34519




            34519













            • Of course I have tried setting these both parameters simultaneously. But no luck.

              – Vaibhav Jain
              Nov 11 '18 at 20:16



















            • Of course I have tried setting these both parameters simultaneously. But no luck.

              – Vaibhav Jain
              Nov 11 '18 at 20:16

















            Of course I have tried setting these both parameters simultaneously. But no luck.

            – Vaibhav Jain
            Nov 11 '18 at 20:16





            Of course I have tried setting these both parameters simultaneously. But no luck.

            – Vaibhav Jain
            Nov 11 '18 at 20:16











            1














            I think Mark Rotteveel has right.



            You need to check your version of both Java and SQL Server 2008.

            TLS 1.2 has been enable by default in Java 8 since the u122, and appear in SQL Server 2008 only in the service pack 4 (version 10.0.6547.0, select @@VERSION; for check it)
            If you don't meet the requierment, you have to choose between update the server or downgrade your jdk.
            Perhaps their is an option in the JDK to retrieve the behavior prior to the update 122, but if it's the case, I don't know it.



            And, for information, the mssql-jdbc driver has stop the support of SQL Server 2008 after the version 6.2.






            share|improve this answer



















            • 1





              I am able to connect to Sql server 2017 with Java 8 with mssql-jdbc driver 6+ even with TLSv1.2 enabled. This problem only happens when I enable encryption in Sql server.

              – Vaibhav Jain
              Nov 23 '18 at 4:10


















            1














            I think Mark Rotteveel has right.



            You need to check your version of both Java and SQL Server 2008.

            TLS 1.2 has been enable by default in Java 8 since the u122, and appear in SQL Server 2008 only in the service pack 4 (version 10.0.6547.0, select @@VERSION; for check it)
            If you don't meet the requierment, you have to choose between update the server or downgrade your jdk.
            Perhaps their is an option in the JDK to retrieve the behavior prior to the update 122, but if it's the case, I don't know it.



            And, for information, the mssql-jdbc driver has stop the support of SQL Server 2008 after the version 6.2.






            share|improve this answer



















            • 1





              I am able to connect to Sql server 2017 with Java 8 with mssql-jdbc driver 6+ even with TLSv1.2 enabled. This problem only happens when I enable encryption in Sql server.

              – Vaibhav Jain
              Nov 23 '18 at 4:10
















            1












            1








            1







            I think Mark Rotteveel has right.



            You need to check your version of both Java and SQL Server 2008.

            TLS 1.2 has been enable by default in Java 8 since the u122, and appear in SQL Server 2008 only in the service pack 4 (version 10.0.6547.0, select @@VERSION; for check it)
            If you don't meet the requierment, you have to choose between update the server or downgrade your jdk.
            Perhaps their is an option in the JDK to retrieve the behavior prior to the update 122, but if it's the case, I don't know it.



            And, for information, the mssql-jdbc driver has stop the support of SQL Server 2008 after the version 6.2.






            share|improve this answer













            I think Mark Rotteveel has right.



            You need to check your version of both Java and SQL Server 2008.

            TLS 1.2 has been enable by default in Java 8 since the u122, and appear in SQL Server 2008 only in the service pack 4 (version 10.0.6547.0, select @@VERSION; for check it)
            If you don't meet the requierment, you have to choose between update the server or downgrade your jdk.
            Perhaps their is an option in the JDK to retrieve the behavior prior to the update 122, but if it's the case, I don't know it.



            And, for information, the mssql-jdbc driver has stop the support of SQL Server 2008 after the version 6.2.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Nov 22 '18 at 15:41









            VivienVivien

            386




            386








            • 1





              I am able to connect to Sql server 2017 with Java 8 with mssql-jdbc driver 6+ even with TLSv1.2 enabled. This problem only happens when I enable encryption in Sql server.

              – Vaibhav Jain
              Nov 23 '18 at 4:10
















            • 1





              I am able to connect to Sql server 2017 with Java 8 with mssql-jdbc driver 6+ even with TLSv1.2 enabled. This problem only happens when I enable encryption in Sql server.

              – Vaibhav Jain
              Nov 23 '18 at 4:10










            1




            1





            I am able to connect to Sql server 2017 with Java 8 with mssql-jdbc driver 6+ even with TLSv1.2 enabled. This problem only happens when I enable encryption in Sql server.

            – Vaibhav Jain
            Nov 23 '18 at 4:10







            I am able to connect to Sql server 2017 with Java 8 with mssql-jdbc driver 6+ even with TLSv1.2 enabled. This problem only happens when I enable encryption in Sql server.

            – Vaibhav Jain
            Nov 23 '18 at 4:10




















            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53237187%2fhow-to-connect-to-mssql-server-with-windows-authentication-and-force-encryption%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

            Alcedinidae

            Origin of the phrase “under your belt”?