Recently my team tackled a POC using CF2016 on RHEL 7 connecting to SQL Server 2016 running on Server 2016 and ran into a curious problem.
The problem was this nasty error when setting up the Macromedia JDBC DSNs pointed at SQL Server 2016 with EncryptionMethod=SSL in the connection string :
Connection verification failed for data source: MyTestDatabaseDSN
java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unsupported curveId: 29
The root cause was that: java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unsupported curveId: 29
Our server Specs:
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy 8 files
The DSNs worked fine without SSL enabled.
Has anyone else experienced this? It sure seems like a bug in the shipped JDBC driver.
Our work around currently is to use the Microsoft JDBC 6.2 driver : https://www.microsoft.com/en-us/download/details.aspx?id=55539
The process for implementing it is really straight forward, I hope this comes in handy for someone else running into this:
Step 2. tar -xvf sqljdbc_22.214.171.124_enu.tar.gz
Step 3. sudo cp sqljdbc_6.2/enu/mssql-jdbc-6.2.1.jre8.jar /opt/coldfusion2016/cfusion/lib/
Step 4. confirm proper ownership and permissions after copying jar to lib and restart the instance
Step 5. login to CFAdmin and create a new DSN, choose Other for the Driver and use the following example for entry values :
Microsoft JDBC Driver 6.2 for SQL Server
Thanks for the work around.
Just to note - we tried installing the latest JAVA 8 and CF Hotfix 6, but the problem still persists with the built in CF drivers.
For folks using a windows server, download the .exe version instead from Download Microsoft JDBC Driver 6.2 for SQL Server from Official Microsoft Download Center
It is a self extracting exe. Pull the .jar file from the extracted files and copy to your coldfusion2016/cfusion/lib directory and proceed as above.