1

I am getting below connection exception, when trying to connect to SQL Server using JDBC.

Can someone please help, with this issue?

I am using sqljdbc4.jar file to connect to SQL Server

Code is as below

String dbURL = "jdbc:sqlserver://10.156.54.123;encrypt=false;DatabaseName=PRA;sslProtocol=TLSv1;";
 String user = "username";
 String pass = "password";
 conn = DriverManager.getConnection(dbURL, user, pass);

This is the exception.

Nov 14, 2020 8:33:01 PM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL INFO: java.security path: /usr/java/jdk1.8.0_261-amd64/jre/lib/security Security providers: [SUN version 1.8, SunRsaSign version 1.8, SunEC version 1.8, SunJSSE version 1.8, SunJCE version 1.8, SunJGSS version 1.8, SunSASL version 1.8, XMLDSig version 1.8, SunPCSC version 1.8] SSLContext provider info: Sun JSSE provider(PKCS12, SunX509/PKIX key/trust factories, SSLv3/TLSv1/TLSv1.1/TLSv1.2/TLSv1.3) SSLContext provider services: [SunJSSE: KeyPairGenerator.RSA -> sun.security.rsa.RSAKeyPairGenerator$Legacy aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE: Signature.SHA1withRSA -> sun.security.rsa.RSASignature$SHA1withRSA aliases: [1.2.840.113549.1.1.5, 1.3.14.3.2.29, OID.1.2.840.113549.1.1.5] attributes: {SupportedKeyClasses=java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey} , SunJSSE: SSLContext.TLS -> sun.security.ssl.SSLContextImpl$TLSContext aliases: [SSL] , SunJSSE: SSLContext.TLSv1 -> sun.security.ssl.SSLContextImpl$TLS10Context aliases: [SSLv3] , SunJSSE: Signature.MD2withRSA -> sun.security.rsa.RSASignature$MD2withRSA aliases: [1.2.840.113549.1.1.2, OID.1.2.840.113549.1.1.2] attributes: {SupportedKeyClasses=java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey} , SunJSSE: KeyFactory.RSA -> sun.security.rsa.RSAKeyFactory$Legacy aliases: [1.2.840.113549.1.1, OID.1.2.840.113549.1.1] , SunJSSE: Signature.MD5withRSA -> sun.security.rsa.RSASignature$MD5withRSA aliases: [1.2.840.113549.1.1.4, OID.1.2.840.113549.1.1.4] attributes: {SupportedKeyClasses=java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey} , SunJSSE: KeyStore.PKCS12 -> sun.security.pkcs12.PKCS12KeyStore , SunJSSE: TrustManagerFactory.SunX509 -> sun.security.ssl.TrustManagerFactoryImpl$SimpleFactory , SunJSSE: KeyManagerFactory.SunX509 -> sun.security.ssl.KeyManagerFactoryImpl$SunX509 , SunJSSE: TrustManagerFactory.PKIX -> sun.security.ssl.TrustManagerFactoryImpl$PKIXFactory aliases: [SunPKIX, X509, X.509] , SunJSSE: KeyManagerFactory.NewSunX509 -> sun.security.ssl.KeyManagerFactoryImpl$X509 aliases: [PKIX] , SunJSSE: SSLContext.Default -> sun.security.ssl.SSLContextImpl$DefaultSSLContext , SunJSSE: SSLContext.TLSv1.1 -> sun.security.ssl.SSLContextImpl$TLS11Context , SunJSSE: Signature.MD5andSHA1withRSA -> sun.security.ssl.RSASignature , SunJSSE: SSLContext.TLSv1.3 -> sun.security.ssl.SSLContextImpl$TLS13Context , SunJSSE: SSLContext.TLSv1.2 -> sun.security.ssl.SSLContextImpl$TLS12Context ] java.ext.dirs: /usr/java/jdk1.8.0_261-amd64/jre/lib/ext:/usr/java/packages/lib/ext com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Unexpected rethrowing".

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Pranav
  • 363
  • 8
  • 19

2 Answers2

2

Hey you have to just follow below steps to resolve your issue:---

You just have to: Go to java folder:---

 1)Find file “java.security” in folder “jre\conf\security”
   
    
2)`In this java.security file, find “3DES_EDE_CBC” linked to “jdk.tls.disabledAlgorithms”`
    
3)Remove it!
    
    Sample:
    If file "C:\Users\myUser\AppData\jre\conf\security\java.security"
    
    ORIGINAL:
    
    jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024,
    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
    
    NEW (after removing “3DES_EDE_CBC”):
    
    jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024,
    EC keySize < 224, anon, NULL
priyranjan
  • 674
  • 6
  • 15
  • Thank You so much. It is working very fine. Instead of updating the original file, I am passing the file as parameter java -Djava.security.properties= – Pranav Nov 15 '20 at 06:05
  • welcome buddy. yes, you can do like that also but make sure "3DES_EDE_CBC" should not be there. – priyranjan Nov 15 '20 at 08:15
  • 3
    It looks like you copied this from somewhere else. Please provide the necessary attribution and link to that source. If this was written by yourself, then please edit it to fix the formatting (normal text does not belong in a code block). – Mark Rotteveel Nov 15 '20 at 18:00
  • i am new to this plateform , donno how to decorate text buddy. don't worry i have faced this issue n many more mssql issue – priyranjan Nov 15 '20 at 18:09
  • I had to remove `TLSv1, TLSv1.1` as well from the `jdk.tls.disabledAlgorithms`. See https://stackoverflow.com/a/68149843/606662 – Markus Pscheidt Mar 28 '22 at 15:10
1

In case the above solution doesn't work for anyone. Try replacing the sql-jdbc jar with mssql-jdbc-8.4.1 jar.

Posting this because the above approach didn't work for me. The workaround for me on the exception - The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Unexpected rethrowing" was to replace the jar.

Reza Heidari
  • 1,192
  • 2
  • 18
  • 23
Ruhul Hussain
  • 126
  • 8