1

I recently disabled TLS 1.0 & TLS 1.1 on a web server, but it seems to have caused some issues with some of the PHP sites I'm running.

The error in question is: "[Microsoft][ODBC Driver 11 for SQL Server]Encryption not supported on the client." but I have other sites running on TLS 1.2 on the same server, I even have other PHP-based sites still able to connect to the database despite being earlier versions of PHP (5.3.28, which I think might've even been before TLS 1.2 support was added.. so not sure how they're still functional considering the server is now restricted to TLS 1.2 only).

Anyway, I've been troubleshooting this quite a while now, and would greatly appreciate any new ideas to try.

Additional Info:

Server: Windows Server 2012 R2 Standard (IIS 8)

PHP Version: 7.0.17

curl version: 7.47.1

SSL version: OpenSSL/1.0.2h

OPENSSL_VERSION_NUMBER: 1000208f

The same sites have been able to connect to the databases in the past, just apparently not through TLS 1.2

If I can provide any other info here that would be useful, just let me know and I'll update the thread.

Thanks.

jww
  • 97,681
  • 90
  • 411
  • 885
Minka
  • 15
  • 1
  • 6
  • So you server configuration uses encryption and the client no? – sepupic Jul 17 '17 at 14:36
  • In this case the web server is the "client", and the database is the "server". The web server has TLS 1.2 only enabled, and can connect to the database on a variety of sites, just not the ones running PHP 7.0.17. In terms of "encryption", my only guess right now is that I must be missing some SQL Server driver, but if that was the case it seems strange that other sites can connect to the database perfectly fine. – Minka Jul 17 '17 at 14:56

1 Answers1

1

For an SSL connection failure,you may have to look into both sides (both the client and server side). Please check the sql server and verify if it with the help of this article on TLS 1.2

Also for the ODBC driver as well,you have to make sure all the components are updated.Refer this msdn .

There is also this powershell script which can be executed to figure out which drivers needs to be updated.

Rohith
  • 5,527
  • 3
  • 27
  • 31
  • Thanks very much for the help :) Managed to use those to figure out what drivers I was missing and get them installed. Much appreciated! – Minka Jul 19 '17 at 23:46