1

I have an asp.net core 3.1 API and it run on docker container. Docker work on Linux server and when asp.net Core API try to connect to Microsoft SQL Server (work on Window Server 2016) get an error like this:

System.Data.SqlClient.SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL Provider, error: 31 - Encryption( ssl /tls) handshake failed)**

API work on http but API Gateway is https.

MaartenDev
  • 5,631
  • 5
  • 21
  • 33
Kerem Can
  • 31
  • 2
  • 6

1 Answers1

1

SQL Server doesn't support TLS 1.2

Recommended Solution: Install the latest updates on supported versions of SQL Server1 and ensure the TLS 1.2 protocol is enabled on the server.

Insecure solution: Configure TLS/SSL settings in the docker image/client environment to connect with TLS 1.0.

Change content of following file: /etc/ssl/openssl.cnf

Replace following:

[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2

With following:

[system_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT@SECLEVEL=1

With following dockerfile command:

RUN sed -i 's/^MinProtocol\s*=.*$/MinProtocol = TLSv1/g' /etc/ssl/openssl.cnf && \
    sed -i 's/^CipherString\s*=.*$/CipherString = DEFAULT@SECLEVEL=1/g' /etc/ssl/openssl.cnf

Reference: https://learn.microsoft.com/en-us/sql/connect/ado-net/sqlclient-troubleshooting-guide?view=sql-server-ver16#possible-reasons-and-solutions

Ilia
  • 147
  • 1
  • 7