Win10/Win11更新后無法連接SQLServer ssl安全錯誤

發布時間：2024/8/19 16:01:52 作者：Admin 閱讀：538

1、問題：

Win10/Win11更新系統補丁后，客戶端程序不能連接SQLServer2015數據庫，提示異常消息：
已成功與服務器建立連接，但是在登錄過程中發生錯誤。 (provider: SSL Provider, error: 0 - 證書鏈是由不受信任的頒發機構頒發的。)

2、處理

分析可能是新的補丁已經默認棄用或禁用舊版本TLS導致。在客戶端電腦的PowerShell中執行如下命令后，再次運行程序連接正常。

foreach ($CipherSuite in $(Get-TlsCipherSuite).Name)
{
"Disabling cipher suite: " + $CipherSuite
Disable-TlsCipherSuite -Name $CipherSuite
}
Enable-TlsCipherSuite -Name TLS_AES_256_GCM_SHA384
Enable-TlsCipherSuite -Name TLS_AES_128_GCM_SHA256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Enable-TlsCipherSuite -Name TLS_RSA_WITH_AES_256_GCM_SHA384
Enable-TlsCipherSuite -Name TLS_RSA_WITH_AES_128_GCM_SHA256
Enable-TlsCipherSuite -Name TLS_RSA_WITH_NULL_SHA256
Enable-TlsCipherSuite -Name TLS_RSA_WITH_NULL_SHA
Enable-TlsCipherSuite -Name TLS_PSK_WITH_AES_256_GCM_SHA384
Enable-TlsCipherSuite -Name TLS_PSK_WITH_AES_128_GCM_SHA256
Enable-TlsCipherSuite -Name TLS_PSK_WITH_AES_256_CBC_SHA384
Enable-TlsCipherSuite -Name TLS_PSK_WITH_AES_128_CBC_SHA256
Enable-TlsCipherSuite -Name TLS_PSK_WITH_NULL_SHA384
Enable-TlsCipherSuite -Name TLS_PSK_WITH_NULL_SHA256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
Enable-TlsCipherSuite -Name TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
Enable-TlsCipherSuite -Name TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384
Enable-TlsCipherSuite -Name TLS_RSA_WITH_AES_128_CBC_SHA256
Enable-TlsCipherSuite -Name TLS_RSA_WITH_AES_128_CBC_SHA
Enable-TlsCipherSuite -Name TLS_RSA_WITH_AES_256_CBC_SHA256
Enable-TlsCipherSuite -Name TLS_RSA_WITH_AES_256_CBC_SHA
Enable-TlsCipherSuite -Name TLS_RSA_WITH_3DES_EDE_CBC_SHA

查看結果命令：

foreach ($CipherSuite in $(Get-TlsCipherSuite).Name)
{

"Enable-TlsCipherSuite -Name " + $CipherSuite
}

分享到： QQ空間微信新浪微博

国产老熟女高潮毛片A片仙踪林,欧美喂奶吃大乳,狠狠爱无码一区二区三区,女神的私人医生动漫免费阅读

新聞動態

sqlserver數據庫

Win10/Win11更新后無法連接SQLServer ssl安全錯誤