Failed to create/setup connection: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Connection reset ClientConnectionId:ebd0ff64-b053-4919-b90d-6a43ec79f25f". #1127
Labels
Bug
A bug in the driver. A high priority item that one can expect to be addressed quickly.
Comments
|
hi @satscreate 6.2.2 is quite an old version of the driver we have had some fixes relating to pooling since then. Could you please upgrade to the latest version of the driver? We have just released v7.4.1. If the problem persists with the latest version, can you please provide us with a standalone JDBC program that reproduces the issue you are seeing? Thanks |
|
Thanks @lilgreenbird , |
|
I'm afraid this issue isn't solved using version 7.4.1
We installed 7.4.1 and everything seemed ok for 7 days, but we just had it again today. This is a huge issue for us, because it renders the pool unusable and the pool is no longer able to open new connections; only Java restart solves it. The exception is the same @satscreate reported: |
|
@jarodriguez-itsoft Thanks for the testing... Is this issue still be able to replicated in new driver??? Let me know if there is any workaround for the same meanwhile.. |
I'm not a project mantainer, just another end-user like you who has been hitting this issue since some weeks ago. |
|
@jarodriguez-itsoft Ho..sorry...if database closing the connection on another side then setting up less idletimeout than db in application would solve the issue? Have u got a chance to test that behavior? |
|
I've been experiencing this issue for the last week or so, my database is running on a Linux instance and I believe it's a bug on the server side. |
|
I downgraded using |
This is happening on production server, randomly. It may pass a week to it to appear, or appear many times in a couple of hours.
Driver connects to Azure database, downgrading is not an option... |
|
Hi everyone, |
|
Hi ulvii,
Our system:
We will add the debug you mention to our test server; we can't add it to production server as it generates lot of network traffic per second and may seriously affect performance. Thanks! |
What debug level do we set? ALL level is throwing away massive info |
Try set -Djavax.net.debug=ssl |
|
Thanks. This reduced significantly log size, but still generating huge ones xD A couple of updates:
They both mention two facts:
Hope this helps |
|
Thanks ..I have enabled the same...also I have added in jdbc url to use tls1 with latest driver updated for one of the instance running... Add sslProtocol=TLSv1. I'll post if that helps @jarodriguez-itsoft |
|
Thanks all for the updates. @jarodriguez-itsoft, did you manage to capture SSL logs when the failure happens? Is so, please share on the thread. @satscreate , please let us know if the issue happens with TLSv1 too. Note that Based on the trace from @satscreate, looks like server resets the connection when the driver is waiting for handshake data. Please try to capture JDBC trace or network trace (Wireshark), we will look for hints. |
|
Hi everyone, is the issue still happening? Any updates regarding JDBC/SSL/Network trace? |
Hi @ulvii Just updated to latest driver and using sslProtocol=TLSv1.1 and started the servers recently. Will post the observations in some more days. |
Any clues??? @jarodriguez-itsoft |
@ulvii , Attaching spring log for reference. |
|
Hi @satscreate , |
Hi @ulvii , Hikari log: Spring.log |
|
In my experience this was a patch issue on windows |
@nasabox can you elaborate the fix perspective in more detail please. You meant some patching had to be done in database installation? |
|
@satscreate The rollup patch consists of several patches. |
|
A similar case is windows server 2016 On windows server 2016, I get a "Could not generate DH keypair" error using DH 2048 bit for SSL handshake and 1024 as default value in JDK. This can be prevented by upgrading the WAS JDK version (1.7.85, 1.8 or higher) or adding |
|
@satscreate any luck on finding a resolution to this issue? I am having a very similar issue. |
|
kb3172614 , KB3163018 delete - server 2012 (Ms-SQL) |
|
Hi everyone, |
|
@ulvii , why was this closed? Even if the Windows server started sending random data, caught fire and exploded, it shouldn't cause the driver to fundamentally fail in a non-recoverable way. The fact that restarting the JVM instantly fixes the problem means this is a driver issue regardless of what the underlying cause might be. (For what its worth, we're seeing the identical problem with SQL Azure instances.) |
|
@lpghartz ,
You can run into similar issue because of client OS/JAVA, please try the suggestions above to find the root cause. |
|
I am facing the same issue. Tried to add the loginTimout=90 to the connection string which fixes the issue. Is there any relation between the SSL error and login timeout? |
|
@sunmuthukumar . The only relation I can think of is you are running into the issue described in this article for which the driver has retry logic for. In this scenario, the driver will attempt to retry 5 times at most before loginTimeout expires. |
|
@ulvii . 1% to 5% connectivity issue happens with error message. Even after upgrading the jar to 8.4.1. Why this issue is closed ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Driver version
<mssql-jdbc.version>6.2.2.jre8</mssql-jdbc.version>
mssql-jdbc-6.2.2.jre8
SQL Server version
Microsoft SQL Server 2012 (SP1) - 11.0.3000.0 (X64) Oct 19 2012 13:38:57 Copyright (c) Microsoft Corporation Enterprise Edition (64-bit) on Windows NT 6.2 (Build 9200: )
Client Operating System
Windows 10
JAVA/JVM version
jdk1.8.0_202
Problem description
Expected behaviour:
The new connection should be enabled in the Hikari spring setup.
Actual behaviour:
Hikari pool connection dropped from max to 0 one by one at some point (it happens every two or three days once). And finally when it reaches HikariPool-1 - Pool stats (total=0, active=0, idle=0, waiting=0) then i see below exception.
Error message/stack trace:
At this time 2019-08-06 05:22:03.653 application instance killed. not sure what reason but i can see the restart script started after that time.
JDBC trace logs
let me know , i can add spring TRACE log
Reproduction code
Hikari config: This issue is happening in production, as i see only this trace from the database log,
The text was updated successfully, but these errors were encountered: