0 Replies Latest reply on Sep 13, 2017 2:52 PM by jbrock777

    CF2016 JDBC SQL Server 2016 SSL Connections work around

    jbrock777 Level 1

      Hello Community.

       

      Recently my team tackled a POC using CF2016 on RHEL 7 connecting to SQL Server 2016 running on Server 2016 and ran into a curious problem.

       

      The problem was this nasty error when setting up the Macromedia JDBC DSNs pointed at SQL Server 2016 with EncryptionMethod=SSL in the connection string :

       

      Connection verification failed for data source: MyTestDatabaseDSN

      java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unsupported curveId: 29

      The root cause was that: java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unsupported curveId: 29

       

       

      Our server Specs:

      RHEL 7

      CF2016 2016.0.05.303689

      Java 1.8.0_144

      Tomcat 8.5.11.0

      Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy 8 files

       

      The DSNs worked fine without SSL enabled.

       

      Has anyone else experienced this?  It sure seems like a bug in the shipped JDBC driver.

       

       

      Our work around currently is to use the Microsoft JDBC 6.2 driver : https://www.microsoft.com/en-us/download/details.aspx?id=55539

       

      The process for implementing it is really straight forward, I hope this comes in handy for someone else running into this:

       

      Step 1. wget https://download.microsoft.com/download/3/F/7/3F74A9B9-C5F0-43EA-A721-07DA590FD186/sqljdbc _6.2.1.0_enu.tar.gz

       

      Step 2. tar -xvf sqljdbc_6.2.1.0_enu.tar.gz

       

      Step 3. sudo cp sqljdbc_6.2/enu/mssql-jdbc-6.2.1.jre8.jar /opt/coldfusion2016/cfusion/lib/

       

      Step 4. confirm proper ownership and permissions after copying jar to lib and restart the instance

       

      Step 5. login to CFAdmin and create a new DSN, choose Other for the Driver and use the following example for entry values :

       

      JDBC URL

      jdbc:sqlserver://<serverIP>:1433;databaseName=YourDatabase;selectMethod=direct;sendStringP arametersAsUnicode=true

       

      Driver Class

      com.microsoft.sqlserver.jdbc.SQLServerDriver

       

      Driver Name

      Microsoft JDBC Driver 6.2 for SQL Server

       

      Connection String

      EncryptionMethod=SSL;ValidateServerCertificate=false;