centos下 连接sqlserver (provide:SSL Provider,error:31 - Encryption(ssl/tls) handshake failed)

Microsfot.Data.SqlClient.SqlException(0x80131904):A connection was successfully established with the server, but then an error occurred during the pre-login handshake.(provide:SSL Provider,error:31 - Encryption(ssl/tls) handshake failed)

出现错误的原因为服务器默认使用的ssl为TLS1_2版本,而sqlserver需要的版本为TLSv1

sudo openssl s_client -host 127.0.0.1 -port 1433
CONNECTED(00000003)
140572016162704:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1618986419
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

修改方法如下

vim /etc/pki/tls/openssl.cnf

#在oid_section=new_oids下增加
openssl_conf = default_conf
#在文件末尾增加
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT@SECLEVEL=1

修改完成以后重启 sshd sudo systemctl restart sshd

posted @ 2021-04-21 14:56  FreeTimeWorker  阅读(1816)  评论(2编辑  收藏  举报