BUG: You cannot connect to an instance of SQL Server on a server computer after you turn on SSL encryption on the SQL Server client computer (839617)
The information in this article applies to:
- Microsoft SQL Server 2000 (all editions)
SYMPTOMSWhen you enable Secure Sockets Layer (SSL) encryption by turning on the Force protocol encryption option on the Microsoft SQL Server client computer, and you try to connect to an instance of SQL Server on a server computer, you may not be able to connect
to that instance of SQL Server. Additionally, you may receive the following
error message: Error 0x800b010f (CERT_E_CN_NO_MATCH)
returned by CertVerifyCertificateChainPolicy! [12:52:31.555]
ConnectionOpen(Supersock): FAILed in SECDoClientHandshake, Error 0x800b010f
Note You can set the Force protocol encryption option by using the Client Network Utility on the SQL
Server client computer. This problem may occur if the following
conditions are true:
WORKAROUNDTo work around this problem, turn off SSL encryption on the SQL Server client computer, and then turn on SSL encryption on the SQL Server server computer. To turn on the Force protocol encryption option on the SQL Server server computer, use the Server Network Utility. To do this, follow these steps. Note Do not turn on the Force protocol encryption option on both the SQL Server client computer and the SQL Server server computer. - Start Server Network Utility.
- In the Server Network Utility dialog box, click the General tab.
- On the General tab, click Force protocol encryption.
- Click OK.
Warning If you turn on SSL encryption on the server computer that is running SQL server,
all the SQL Server client computers must connect to the SQL Server server computer by
using SSL encryption. STATUSMicrosoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.REFERENCESFor more information about SSL encryption, visit the
following Microsoft Developer Network (MSDN) Web site:
For more information about SSL encryption and SQL
Server, click the following article number to view the article in the Microsoft Knowledge Base:
318605
How SQL Server uses a certificate when the Force Protocol Encryption option is set on
For more information about other SQL Server connectivity issues when
SSL encryption is turned on, click the following article numbers to view the articles in the Microsoft Knowledge Base:
316779
Clients with Force Protocol Encryption set on may fail to connect with an IP address
322144 FIX: SECDoClientHandShake cannot connect to SQL Server
309398 SQL Server 2000 installation or local connections fail with "SSL Security error
:ConnectionOpen (SECDoClientHandshake())" error message
Modification Type: | Major | Last Reviewed: | 10/10/2005 |
---|
Keywords: | kbQFE kbfix kbCertServices kbenable kbemail kbconnectivity kbSqlClient kbServer KbClientServer kberrmsg kbbug KB839617 kbAudDeveloper |
---|
|