Home > Article > Backend Development > Why Does Azure SQL Database v12 Throw a TLS Handshake Failure After Upgrade?
Why Does Azure SQL Database v12 Throw a TLS Handshake Failure After Upgrade?
- DDDOriginal
- 2024-10-27 01:15:30337browse
Azure SQL Database Error: TLS Handshake Failure after v12 Upgrade
Issue:
Following an upgrade to Azure SQL Database v12, users are encountering a TLS handshake failure with the error message: "TLS Handshake failed: x509: certificate is valid for tr12.northcentralus1-a.worker.database.windows.net, *.tr12.northcentralus1-a.worker.database.windows.net, not [server-name].database.windows.net."
Troubleshooting:
Initially, it was assumed that the connection string needed to be modified. However, it remained consistent between the functioning local environment and the Azure Web App where the failure occurred.
Resolution:
The solution lay in modifying the connection parameters:
- Set TrustServerCertificate to True.
- Add the parameter hostNameInCertificate with the value *.database.windows.net.
Final Connection String:
Server=[server-name].database.windows.net;Port=1433;Database=[dbname];User ID=[user];Password=[pass];Trusted_Connection=False;Encrypt=True;Connection Timeout=30; TrustServerCertificate=True;hostNameInCertificate=*.database.windows.net;
Explanation:
The TrustServerCertificate parameter indicates whether to trust the server certificate provided by the Azure SQL Database service. Setting it to True allows the connection to proceed even if the certificate is not issued for the specific server name specified in the connection string.
The hostNameInCertificate parameter allows the connection to succeed if the server certificate contains the specified hostname. This addresses the issue of the certificate being valid for a different hostname than the specified server name.
Azure Portal Configuration:
It is worth noting that the Azure portal suggests setting TrustServerCertificate to False and omitting the hostNameInCertificate parameter. However, this configuration did not resolve the issue.
The above is the detailed content of Why Does Azure SQL Database v12 Throw a TLS Handshake Failure After Upgrade?. For more information, please follow other related articles on the PHP Chinese website!
Related articles
See more- How to Sort a Slice of Structs with Nested Slice Fields in Go?
- Here are a few title options based on your provided article, focusing on the question aspect: Option 1 (Direct & Concise): * Is Writing to os.Stdout in Go Concurrently Thread-Safe? Option 2 (Hi
- How to Send Emails Effectively with the Gmail Go SDK: Demystifying the Message Type and MIME Formatting?
- How Can I Handle Arbitrary Data Streams with Buffers in Golang?
- How Can I Read Large Files Efficiently in Go with Limited RAM?