Resolving SQL Connection Errors Due to SSL Certificate Issues | DevsDay.ru

IT-блоги Resolving SQL Connection Errors Due to SSL Certificate Issues

DZone Security 7 апреля 2021 г. Ryan Kh


SSL certificates are very important for authenticating websites and ensuring connections are encrypted. However, there are some scenarios when they can create headaches. Rather than throw the baby out with the bathwater and abandon the use of SSL, you should know how to use them properly.

One issue that you can run into will occur when connecting with a remote computer. You might try to connect to an SQL Server from a remote computer with the same credentials that you used to connect locally. Unfortunately, you might receive an error like this.

“A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.) (.Net SqlClient Data Provider).”

There is no way to connect to the server when this error message occurs. The message discusses a certificate and references the SSL provider of the SQL Server. However, you have not installed a certificate on the server, so you won’t be able to identify the underlying issue.

You need to know how to resolve these issues. You also need to make sure that they work with different content settings, such as PowerPoint templates created with a tool like SlideUplift. I mentioned this in my previous article Relationship Between SSL Certificate Key Length and SQL Performance, which established the importance of optimizing SSL when testing PowerPoint presentations and other content settings.

The server will install a self-signed certificate for it, unless you specify that you would like another one to be setup. This certificate is created by the SQL Server. It won't be supported by a real public key infrastructure. This means that the certificate can encrypt communications and validate their integrity. Unfortunately, it does not verify that you are connecting to the right server, since the only 'authority' that assures us that the server is the correct one is the server itself.

That is precisely what this error message is about. What it tells us is that, by default, as the identity of the server cannot be verified, it does not allow the connection.

Something similar happens with many other services that use an SSL certificate by default. For example, when connecting for the first time to a remote computer using a Terminal Server (also called Remote Desktop), you will be asked whether or not you want to trust the certificate and therefore connect to the server.

This makes sense since there are three main purposes of a digital certificate:

  • Privacy of the information, which includes encrypting communications in transit.
  • The integrity of the communication, which combines them with digital summaries.
  • Trust, which is ensured by verifying that communications come from whom they say they come from and that they are not communicating with their intended servers.

The first two purposes can’t be supported if trust is not adequately established.

How Do You Solve This Problem?

If the error is issued by the SQL Server Management Studio when you try to connect from the login screen, then you have to go to the advanced options of that dialog. After reaching this section, you will need to go to the tab named 'Connection Properties' and make sure that the 'Encrypt connection' option is checked.

You can always uncheck it and prevent the error from occurring, but then the traffic between your computer and the remote SQL Server will no longer be secured, which entirely defeats the purpose of SSL encryptions.

The next step is to go to the 'Additional Connection Parameters' tab. You must then write a switch to make the connection trust the remote SQL Server certificate. This additional parameter is:

TrustServerCertificate=True.

Just type it in the text box in that window. After clicking on 'Connect,' you will notice that the error disappears and will be able to work normally.

If the error is being given by an application, we only have to modify the connection string and put the same parameter at the end.

If you do this, then you have to be sure that the server we are connecting to is the one we are interested in and that no security problem could be falsifying the DNS so that you connect to another site.

Источник: DZone Security

security ssl certificate sql (structured query language)

Читайте также


8 Best Practices To Reduce Your AWS Bill for Kubernetes

DevOps DZone DevOps 20 апреля 2021 г. 18:31
If your AWS Kubernetes bill went way over your budget this month, it’s not your fault. Typically, companies go over their cloud budgets by 23% (Flexera).  Cloud providers aren’t exactly helping here. The bills are long, complicated, and har...... читать далее
devops aws kubernetes k8s aws cost cloud optimization cloud compute

An Analysis of Near-Field Communication

Безопасность DZone Security 20 апреля 2021 г. 18:05
Introduction From telegraphs to online video calls and from fax machines to emails, the communication means have evolved exceptionally. Now the world has shifted from wired networks to wireless transmission, the internet being the most significant mo...... читать далее
mobile secuirty nfc identification nfc smartphone nfc top 5 security issues

DevOps ubuntu.com 20 апреля 2021 г. 16:27

It’s that time of the year again! KubeCon and CloudNativeCon Europe 2021 are just around the corner and, as always, Canonical and Ubuntu have a lot cooking in the Kubernetes oven especially for the event. This year, we’ll be showcasing solutions and...... читать далее

Cloud Native CNCF containers edge events k8s KubeCon kubernetes MicroK8s

DevOps linuxhint.com 20 апреля 2021 г. 14:32

LINUX HINT NEW ARTICLES Below are newly publish articles this week on our siteLinuxHint.com LINUX HOWTO How to Check if a Filesystem is Mounted in Linux? Sort “du” Command by Size Grep with the Line Number in Output How to Install Duplicity on Ubuntu...... читать далее

Linux Hint Report

DevOps noobslab.com 20 апреля 2021 г. 14:20

The information system sector is an extensive subject within IT that focuses primarily on computers, networks, and their users. All modern companies need a way to collect data and transform it into something useful that they can use in their decision...... читать далее

Дизайн UX Planet 20 апреля 2021 г. 13:51

In this case study, I am going to innovate with the design process and unravel my decisions and thinking for a better understanding of my motivations.The story that led to InnovationA doctor in a medical hospital was taking a break and sipping coffee...... читать далее

ux-research ux-writing ux-strategy figma ux-design

DevOps linuxhint.com 20 апреля 2021 г. 13:07

Among many other features, user accessibility, cutting-edge software, and automated tools make Manjaro the next best Linux distribution. As an Arch Linux derivative, Manjaro provides new users with an Arch experience via an intuitive interface, uniqu...... читать далее

Manjaro

Популярные темы

новости (393) ux (363) design (329) headline (271) python (226) ubuntu (220) ux-design (217) devops (206) новость (204) javascript (201) web dev (193) security (188) seo (150) tutorial (141) working in tech (137) дайджесты вакансий от new.hr (136) статьи (131) ui (127) programming (118) testing roundup (116) software testing (113) user-experience (111) дизайн (99) product-design (94) google (93) java (90) игровые проекты (85) ui-design (84) design-thinking (84) primary (77) api5 (76) технологии (76) движки и конструкторы игр (70) прочее (70) job hunting (68) windows 10 (68) бизнес (68) php (66) bash programming (66) laravel (65) technology (65) debian (61) hardware (60) css (59) linux mint (57) uncategorized (56) обучение (56) мероприятия (56) работа (52) docker (51) español (51) covid-19 (50) web design and applications (49) cloud (49) android (49) case-study (49) chrome (48) турбо-страницы (47) инструкции (46) обзоры (46) tutorials (46) data (45) ux-research (45) machine learning (44) publication (44) angular (44) networking (44) навыки алисы (43) inspiration (43) home page stories (43) разработчики (42) apple (42) kubernetes (42) web (41) art (41) job skills (41) c++ (41) powershell (41) ios (40) kali linux (40) mysql mariadb (40) google ads (39) cybersecurity (39) virtual reality (39) автоматизация (38) wp (38) vue.js (37) маркетинг (37) wordpress (36) aspnet (36) тестирование (36) события (36) arch linux (36) полезное (36) productivity (36) marketing (36) кейсы (35) css 3 (35) events (35) smm (35)