MSSQL target account synchronization issue
Article ID: 277913
Updated On:
Products
Issue/Introduction
When a PAM administrator tries to verify or update an MSSQL target account, an SSL error "driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption" in encountered. The SSL error is reported in PAM's Tomcat logs. The administrator ran into this issue as the database server configuration allowed ONLY SSL/TLS connections, that is, the database server previously did not enforce SSL/TLS connections.
Environment
All supported PAM 4.1.x versions
Cause
Configuration issue - Using the MS SQL connector, but Target Application configuration (via Credentials==>Manage Targets===>Applications) in PAM has not enabled "SSL/TLS" connections for MSSQL.
Resolution
Please refer to this PAM documentation link - https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-1-6/protect-privileged-account-credentials/identify-target-applications-and-connectors/add-a-mssql-target-connector.html
Via PAM UI, please ensure that the Target Application's "MSSQL" tab has "SSL/TLS" enabled for port 1433.
Additional Information
None.
Feedback
