Bug in ODBC SQL Server and OLEDB driver on Windows server 2016 when connecting to SQL Server 2019 running on Windows Server 2022?

Svein 1 Reputation point
2022-10-31T14:22:55.04+00:00

Hi

We have an environment running of Windows Servers 2016, 2019 and 2022 and have some issues when we it comes to Windows Server 2016. When we are setting up an ODBC connection using SQL Server standard driver to connect to the new database server running on SQL 2019 on Windows Server 2022 we get following errors:

Connection failed
SQLState: '01000'
[Microsoft][ODBC SQL Sever Driver][DBNETLIB]ConnectionOpen
(SECDoClientHandshake()).
Connection failed:
SQLState: '08001'
SQL Server Error: 18
[Microsoft][ODBC SQL Sever Driver][DBNETLIB]SSL Security error

When I do the setup on an Window Server 2019 it all work fine.
We have also tested an SQL Server 2019 running on Window Server 2019 and than tested ODBC Connection on Window Server 2016 and Windows Server 2019 and that also works well.
But when using Windows Server 2016 with ODBC SQL Server connection to SQL Server 2019 running on Windows Server 2022 fails.
The same issues also when using OLEDB Driver.

Technical information:
SQLSRV32.DLL version 10.00.14393.5427 (on Windows Server 2016)

For information we have found an workaround which is to install and use ODBC Driver 11 for SQL Server and that works fine.

Is there at bug in the standard OCBC drivers on Windows Server 2016 when it tries to connect to Windows Server 2022?

Br
Svein

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,555 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Sebastian Engdahl 1 Reputation point
    2023-01-06T08:10:40.233+00:00

    Hi @Svein

    Did you ever find a solution for this? Where seeing the same isssue in our environment.


  2. Svein 1 Reputation point
    2023-01-06T10:14:51.87+00:00

    Hi

    Yes, actually we found an solution/workaround.

    Windows Server 2022 has be default disabled the TLS version 1.0 and 1.1 so you have to enabled them manually in Registry.

    How to enable TLS 1.0 and TLS 1.1:

    1. Run regedit.exe
    2. Go to path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
    3. Add Key TLS 1.0
    4. Add Key TLS 1.1
    5. Go to the key TLS.1.0
    6. Add Key Client
    7. Add Key Server
    8. Go to key Client
    9. Add DWORD Enabled og set value data to 1
    10. Go to key Server
    11. Add DWORD Enabled og set value data to 1
    12. Go to the key TLS.1.1
    13. Add Key Client
    14. Add Key Server
    15. Go to key Client
    16. Add DWORD Enabled og set value data to 1
    17. Go to key Server
    18. Add DWORD Enabled og set value data to 1
    19. Close Regedit

    After this registry settings is done you have reboot the server.
    If you don't TLS 1.0 you don't need set it up or you can set the Enabled value data to 0.

    Good luck.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.