Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Unexpected rethrowing".
See original GitHub issueDriver version
mssql-jdbc-7.1.2.jre11 mssql-jdbc-7.0.0.jre10 ( i think I got the problem with this one too)
Problem / Question
I’ve been refactoring my database connection code, and I probably have a new non-oblivious problem since but I need some pointers on what is going on in the mssql driver.
I seem to have random problems creating SQL connections that otherwise would work ok. I get the following stacktraces while connecting to a NON-ENCRYPTED sql server 2017 database.
Can someone explain the TDS Prelogin negociations vs SSL vs any other encryption scheme that might explain why I get this exception sometimes ? Or is this wrong exception message ? Is there some SSL going on to login even if we don’t have encrption setup on the sql server side ?
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Unexpected rethrowing".
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:2826)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1829)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:2391)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:2042)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:1889)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:1120)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:700)
at java.sql/java.sql.DriverManager.getConnection(Unknown Source)
Caused by: javax.net.ssl.SSLProtocolException: Unexpected rethrowing
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1756)
... 41 more
Caused by: java.io.IOException: SQL Server returned an incomplete response. The connection has been closed. ClientConnectionId:b9ef7c65-28e5-4858-9cc1-642eaa2725d1
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.ensureSSLPayload(IOBuffer.java:786)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.readInternal(IOBuffer.java:836)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.read(IOBuffer.java:829)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.readInternal(IOBuffer.java:999)
at com.microsoft.sqlserver.jdbc@7.1.2.jre11-preview/com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.read(IOBuffer.java:989)
at java.base/sun.security.ssl.SSLSocketInputRecord.read(Unknown Source)
at java.base/sun.security.ssl.SSLSocketInputRecord.decode(Unknown Source)
... 46 more
Issue Analytics
- State:
- Created 5 years ago
- Comments:38 (10 by maintainers)
Top Results From Across the Web
The driver could not establish a secure connection to SQL ...
The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Unexpected rethrowing".
Read more >The driver could not establish a secure connection to SQL ...
The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Unexpected rethrowing".
Read more >com.microsoft.sqlserver.jdbc.SQLServerException:The driver ...
SQLServerException:The driver could not establish a secure connection to SQL Server by using SSL encr. Error: "Unexpected rethrowing".
Read more >"Unexpected rethrowing" error prevents a secure SSL ...
Reason : [The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: ...
Read more >RetryError[<Future at 0x7f735f4aceb0 state=finished raised ...
SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: " ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@peterbae Its the most simple one:
by rapidly reloading data in my app I just got the exception again (even with encrypt=false which I just added).
Could you use connection property
sslProtocol=TLSv1to force the driver to use TLS 1.0 and let me know if you are still seeing failures? Your connection string would becomejdbc:sqlserver://WKS-DEV-23;encrypt=false;user=user;password=xxxxxx;applicationName=xxx;databaseName=XXXXX;sslProtocol=TLSv1;