CF2016 JDBC SQL Server 2016 SSL Connections work around

Explorer ,
Sep 13, 2017 Sep 13, 2017

Copy link to clipboard

Copied

Hello Community.

Recently my team tackled a POC using CF2016 on RHEL 7 connecting to SQL Server 2016 running on Server 2016 and ran into a curious problem.

The problem was this nasty error when setting up the Macromedia JDBC DSNs pointed at SQL Server 2016 with EncryptionMethod=SSL in the connection string :

Connection verification failed for data source: MyTestDatabaseDSN

java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unsupported curveId: 29

The root cause was that: java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unsupported curveId: 29

Our server Specs:

RHEL 7

CF2016 2016.0.05.303689

Java 1.8.0_144

Tomcat 8.5.11.0

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy 8 files

The DSNs worked fine without SSL enabled.

Has anyone else experienced this?  It sure seems like a bug in the shipped JDBC driver.

Our work around currently is to use the Microsoft JDBC 6.2 driver : https://www.microsoft.com/en-us/download/details.aspx?id=55539

The process for implementing it is really straight forward, I hope this comes in handy for someone else running into this:

Step 1. wget https://download.microsoft.com/download/3/F/7/3F74A9B9-C5F0-43EA-A721-07DA590FD186/sqljdbc_6.2.1.0_e...

Step 2. tar -xvf sqljdbc_6.2.1.0_enu.tar.gz

Step 3. sudo cp sqljdbc_6.2/enu/mssql-jdbc-6.2.1.jre8.jar /opt/coldfusion2016/cfusion/lib/

Step 4. confirm proper ownership and permissions after copying jar to lib and restart the instance

Step 5. login to CFAdmin and create a new DSN, choose Other for the Driver and use the following example for entry values :

JDBC URL

jdbc:sqlserver://<serverIP>:1433;databaseName=YourDatabase;selectMethod=direct;sendStringParametersAsUnicode=true

Driver Class

com.microsoft.sqlserver.jdbc.SQLServerDriver

Driver Name

Microsoft JDBC Driver 6.2 for SQL Server

Connection String

EncryptionMethod=SSL;ValidateServerCertificate=false;

Views

3.5K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Apr 25, 2018 Apr 25, 2018

Copy link to clipboard

Copied

LATEST

Thanks for the work around.

Just to note - we tried installing the latest JAVA 8 and CF Hotfix 6, but the problem still persists with the built in CF drivers.

For folks using a windows server, download the .exe version instead from Download Microsoft JDBC Driver 6.2 for SQL Server from Official Microsoft Download Center

It is a self extracting exe.  Pull the .jar file from the extracted files and copy to your coldfusion2016/cfusion/lib directory and proceed as above.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines