000035384 - Microsoft SQL Server Collectors can no longer connect to the SQL Server database after upgrade to Microsoft SQL Server 2012 and Microsoft Windows 2012 with RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Aug 1, 2017Last modified by RSA Customer Support on Mar 22, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000035384
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle 
RSA Version/Condition: 6.9+ (JDK 6.0), 7.X+ (JDK 7.0)
Platform (Other): JDBC 4.0, JDBC 4.1
Platform (Other): Microsoft SQL Server 2012
Platform (Other): Microsoft Windows 2012

IssueA working Microsoft SQL Server IDC and/or ADC can no longer connect to SQL Server and collect data after upgrading to Microsoft SQL Server 2012 and Microsoft Windows 2012 (the platform on which Microsoft SQL Server is installed.)

The aveksaServer.log has the following error:
06/21/2017 11:20:33.239 ERROR (ApplyChangesRegularThread-136287) [SystemErr]
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed."

The collector is configured to use the Microsoft SQL Server JDBC driver:
 User-added image

This is a known issue in the following versions of RSA Identity Governance and Lifecycle which uses the Microsoft JDBC driver 4.0 and 4.1 when connecting to an external Microsoft SQL Server for collections and connectors where DB Type is SQLServer or SQLServer3.  

  • RSA Identity Governance &  Lifecycle 6.9.1
  • RSA Identity Governance & Lifecycle 7.0.0
  • RSA Identity Governance & Lifecycle 7.0.1
  • RSA Identity Governance & Lifecycle 7.0.2
Microsoft Windows 2012 requires 1028-bit ciphers which are only supported in the Microsoft JDBC driver 4.2 and later.

ResolutionThis issue is resolved in the following versions of RSA Identity Governance and Lifecycle which use Microsoft JDBC driver 4.2 for DB Type SQLServer.
  • RSA Identity Governance & Lifecycle 7.1.0
  • RSA Identity Governance & Lifecycle 7.1.1

Note that Microsoft JDBC driver 4.2 only runs on Java JRE 1.8.   This version of the driver cannot be used on older versions of RSA Identity Governance and Lifecycle. 

For solutions for older versions see the Workaround section. 
WorkaroundUse the open source third party JTDS JDBC driver. This may be downloaded for free from the web by the customer. 
  1. Upload the driver to:

  1. Configure the collector(s) as follows:

User-added image