Hi,Srikanth GFrom the information you provided, there seems to be no issue with the DSN configuration. Is the certificate you provided self-signed? If this issue cannot be resolved, it is recommended to set TrustServerCertificate
to YES.
ServerCertificate DSN property mentioned in system_odbc.ini is not honored by Microsoft ODBC Driver 18 for SQL Server version 18.3 in linux
Hi all,
I have installed SQL Server instance in Windows and enabled SSL connections. Now I have installed ODBC SQL Server Native Client on Rhel 9 VM and configured a DSN in system_odbc.ini like:
[store_nativedr]
Driver=/F6/CA/siteminder/native/odbc/lib/libmsodbcsql.so
Description=Microsoft ODBC Driver 18 for SQL Server
Database=store_1
Server=xx.xxx.xx.xx,1433
Trusted_Connection=No
TrustServerCertificate=No
Encrypt=Yes
HostnameInCertificate=XXX
When I installed the Server root certificate in the location /etc/pki/ca-trust/source/anchors/ and run the command update-ca-trust, connection between SQL Server and ODBC client was successful[was testing the connection using isql command]
But now, if I just the append the DSN property "ServerCertificate" along with certificate path ,connection between SQL Server is failing:
ServerCertificate=/opt/config/odbcssl/<certname.cer>
with the error:
[08001][unixODBC][Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: [error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:unable to get local issuer certificate]
[08001][unixODBC][Microsoft][ODBC Driver 18 for SQL Server]Client unable to establish connection. For solutions related to encryption errors, see https://go.microsoft.com/fwlink/?linkid=2226722
cert path provide by the property ServerCertificate is not considered
As per the documentation, DSN property ServerCertificate is supported in the 18+ version of "Microsoft ODBC Driver 18 for SQL Server" .
Is there a way to point Server certificate to a location other than "/etc/pki/ca-trust/source/anchors/" as I need to do the similar setup in Docker container where I won't be having root privileges to run update-ca-trust command?
1 answer
Sort by: Most helpful
-
MikeyQiaoMSFT-0444 3,025 Reputation points
2024-06-17T10:14:46.61+00:00