stackoom
  简体   繁体   中英

PHP ODBC can't connect to SQL Server 2012 with Openssl 1.1.1

 原文  2020-11-20 02:23:48       php/ sql-server/ openssl/ odbc/ sqlsrv

Question

I've seen parts of this question asked around a few times, but nothing has worked for me yet.

I have an SQL Server 2012 instance running on a Windows server. On my Ubuntu 20.10 server, I am running PHP 7.4.12 on an apache server. I have openssl version 1.1.1 installed.

I followed most of the instructions found in the microsoft docs:

https://docs.microsoft.com/en-us/sql/connect/php/installation-tutorial-linux-mac?view=sql-server-ver15#installing-the-drivers-on-ubuntu-1604-1804-and-2004

but ran into some issues when downloading the msodbcsql17 driver. I had to download it from here instead:

https://packages.microsoft.com/ubuntu/20.04/prod/pool/main/m/msodbcsql17/

My PHP script:

<?php

try {
    // Sensitive info is replaced by temporary strings.
    $serverName = "<ip_addr>,<port>";

    $options = array("Database" => "<db_name>", "UID" => "<user_name>", "PWD" => "<password>");

    $conn = sqlsrv_connect($serverName, $options);

    if ($conn == false) {
        var_dump(sqlsrv_errors());
        die();
    }
} catch(Exception $e) {
    echo("Error!");
}

Here is the error printed out from the var_dump(sqlsrv_errors()); in the code above:

array(2) {
  [0]=>
  array(6) {
    [0]=>
    string(5) "08001"
    ["SQLSTATE"]=>
    string(5) "08001"
    [1]=>
    int(10054)
    ["code"]=>
    int(10054)
    [2]=>
    string(73) "[Microsoft][ODBC Driver 17 for SQL Server]TCP Provider: Error code 0x2746"
    ["message"]=>
    string(73) "[Microsoft][ODBC Driver 17 for SQL Server]TCP Provider: Error code 0x2746"
  }
  [1]=>
  array(6) {
    [0]=>
    string(5) "08001"
    ["SQLSTATE"]=>
    string(5) "08001"
    [1]=>
    int(10054)
    ["code"]=>
    int(10054)
    [2]=>
    string(79) "[Microsoft][ODBC Driver 17 for SQL Server]Client unable to establish connection"
    ["message"]=>
    string(79) "[Microsoft][ODBC Driver 17 for SQL Server]Client unable to establish connection"
  }
}

I saw this potential solution here: https://github.com/microsoft/msphpsql/issues/1021#issuecomment-520943561 but there is no line CipherString = DEFAULT@SECLEVEL-2 in the /etc/ssl/openssl.cnf file as the answer states. I tried adding CipherString = DEFAULT@SECLEVEL=1 to the end of the file anyway, but nothing changed.

What can I do to fix this error in the connection? Is the only other option to downgrade openssl versions? I've read that it can break many packages and cause issues down the line. I can't take the SQL Server offline to upgrade to a newer SQL version either.

I have made sure that the SQL Server is accepting remote connections as I can make an ODBC connection to the SQL Server from another machine using Crystal Reports.

EDIT: openssl command results

Here are the results which printed immediately after running:

openssl s_client -host <ip_addr> -port <port> -tls1

CONNECTED(00000003)
139710250579264:error:141E70BF:SSL routines:tls_construct_client_hello:no protoc                                           ols available:../ssl/statem/statem_clnt.c:1112:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 7 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Here are the results after running:

openssl s_client -host <ip_addr> -port <port> -tls1_2

and it stayed open for a while and then finally after not entering anything it printed this:

CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 188 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1605916005
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---

1 answers

solution1
 1  2021-03-30 13:20:48

This is a bit late now. Try MinProtocol = TLSv1.0 in /etc/ssl/openssl.cnf . This works fine for me ( https://github.com/microsoft/msphpsql/issues/1023#issuecomment-523214695 )

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Can't connect to localhost SQL server 2012 with php Can't connect to SQL Anywhere 12 with PHP and ODBC on Ubuntu Php MSSQL(2012) giving error:Couldn’t connect to SQL Server Connect via PHP to SQL Server 2012 Can't connect to SQL Server from PHP PHP can't connect to SQL Server Connect PHP 5.4 to MSSQL 2012 ODBC failed to connect sql server 2005 and php grid with odbc Connect to SQL server from PHP via odbc connection with Windows authentication Using a FreeTDS ODBC driver to connect Linux PHP to a SQL Server
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM