| Table of Contents |
|---|
Revision History
| Date | Change | Author |
|---|---|---|
| 27/02/2020 | Initial version | SL |
| 03/09/2020 | Add known issues and steps to force TLS 1.2 | SL |
Securing Connections to SQL Server
...
List current as at
| Issue | Workaround | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Crystal Reports fail from Synmain when TLS 1.0 is disabled Cause: Synergetic 'ODBCAutoConfig' and File > Workstation Config defaults to using SQLSRV32.DLL This is due to the default ODBC driver SQLSRV32.DLL which does not support TLS 1.1+
| Disable ODBCAutoConfig (HKLM\Software\Wow6432Node\ComputingDirections\ODBCAutoConfig = 0) - note that this cannot be disabled in multi-tenant environments at this stage. Change ODBC reg setting to use newer SQL driver Key: HKCU\Software\ODBC\odbc.ini\Synergetic\Driver Value: 'C:\Windows\system32\sqlncli11.dll' The ODBC settings will require manual update via reg key import to switch between environments (prod/dev/test) or tenants in a multi-tenant environment. | ||||||||||
| SEQTA Sync JDBC error | none available |
SQL Server TLS Configuration Steps
...
Sample encrypted traffic (TLS enabled)
Certificate Management (Important)
With encryption forced on the SQL Server it is critical that a trusted and current certificate is maintained on the server. After the certificate expiry the server will stop accepting connections until the certificate is replaced with a new one, so proactive certificate management should be scheduled to replace the certificate ahead of the expiry and avoid any outages.
Reference articles
https://blog.coeo.com/securing-connections-to-sql-server-with-tls
...