Service does not start after upgrading to 17.3 RU14

book

Article ID: 241453

calendar_today

Updated On:

Products

CA Service Catalog

Issue/Introduction

After installing 17.3.0.14, we cannot connect from Service Catalog to the SQL Server. The JDBC is throwing an error on connection that the SSL is failing. We are not connecting to SQL Server's SSL port, however. 

View.log shows:

20XX/XX/XX 14.06.03.227 ERROR [Thread-2] [CaDBCPDataSource] Unable to create Basic Data Source:java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "The server selected protocol version TLS10 is not accepted by client preferences [TLS13, TLS12]". ClientConnectionId:ddc90d00-2aba-4884-a126-be536a408005)

Error states that TLS 1.0 is not accepted by the server, but if we manually force 1.2 we get an error.

Cause

SQL 2014 server base release tries to use TLS1.0, but the JDK version shipped in 17.3.0.14 won't accept this old, less secure standard.

Environment

Release : 17.3

Component : Catalog - MDB Issue

Resolution

SQL Server must be updated to allow the later TLS updates.  Microsoft allow you to upgrade SQL Server to TLS 1.2 with this update:

https://support.microsoft.com/en-us/topic/kb3135244-tls-1-2-support-for-microsoft-sql-server-e4472ef8-90a9-13c1-e4d8-44aad198cdbe#:%7E:text=SQL%20Server%202019%20has%20the,to%20enable%20TLS%201.2%20support