[Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: peer did not return a certificate (RHEL 8 and PHP 8.0)

Question

[Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: peer did not return a certificate (RHEL 8 and PHP 8.0)

acoder 5

Using the documentation (1, 2) I installed the SQL Server driver for PHP/PDO on my RHEL 8 system running PHP 8.0. Everything looks good on installation. Using the supplied test script, I see the following error: Caught PDO exception:

SQLSTATE[08001]: [Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: [error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol][error:140B40C7:SSL routines:SSL_do_handshake:peer did not return a certificate]

I've prevously used TSQL and did not use a security certificate (no PHI or sensitive info involved). Is there a way to not use SSL with the MS SQL-srv driver?

Seeya Xi-MSFT 16,586 Reputation points

2023-04-11T08:05:29.9033333+00:00

Hi @acoder , We have not received a response from you. Did the reply could help you? If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. By doing so, it will benefit all community members who are having this similar issue. Your contribution is highly appreciated. Best regards, Seeya
Seeya Xi-MSFT 16,586 Reputation points

2023-04-14T08:54:14.23+00:00

Hi @acoder ,

In order to benefit all community members who are having this similar issue, please choose an answer to accept or vote for the answer you think is useful to you. Your contribution is highly appreciated.

Best regards,

Seeya

2 answers

Your answer

Seeya Xi-MSFT 16,586 Reputation points

2023-04-11T08:05:29.9033333+00:00

Hi @acoder , We have not received a response from you. Did the reply could help you? If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. By doing so, it will benefit all community members who are having this similar issue. Your contribution is highly appreciated. Best regards, Seeya
Seeya Xi-MSFT 16,586 Reputation points

2023-04-14T08:54:14.23+00:00

Hi @acoder ,

In order to benefit all community members who are having this similar issue, please choose an answer to accept or vote for the answer you think is useful to you. Your contribution is highly appreciated.

Best regards,

Seeya

Answer 1

With the ODBC 18 driver (and all other recent drivers from Microsoft), the default is to require a trusted certificate for the encryption of the communication. That is, SQL Server must use a certificate which is in your trusted certificate store. You can use option Encrypt=False to decline encryption altogether or TrustServerCertificate to say that you think that the certificate provided by SQL Server is fine. In either case, you could be victim to a man-in-the-middle attack. That is, a process that reads the data you send to SQL Server and you get back.

Answer 2

Seeya Xi-MSFT 16,586

Hi @acoder ,

Here are some similar threads for your reference:

https://github.com/microsoft/msphpsql/issues/1112

https://stackoverflow.com/questions/65123031/odbc-driver-17-for-sql-serverssl-provider-error1425f102ssl-routinesssl-ch

Best regards,

Seeya

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Mathieu - GIE SALSA 0

I have the same problem :

PHP Fatal error: Uncaught PDOException: SQLSTATE[08001]: [Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: [error:0A00014D:SSL routines::legacy sigalg disallowed or unsupported]

I tried changing TLS1.2 to TLS1.0 but nothing changed. I tried Encrypt=false/true and TrustServerCertificate=false/true;

But nothing helps...

Here is the code in question:

<?php
$db = new PDO('sqlsrv:Server=SRVIMPFIC;Database=MyDatabase;Encrypt=false;TrustServerCertificate=false;',
'APPREADER',
'[Password]');
?>

Mathieu - GIE SALSA 0

I have the same problem :

PHP Fatal error: Uncaught PDOException: SQLSTATE[08001]: [Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: [error:0A00014D:SSL routines::legacy sigalg disallowed or unsupported]

I tried changing TLS1.2 to TLS1.0 but nothing changed. I tried Encrypt=false/true and TrustServerCertificate=false/true;

But nothing helps...

Here is the code in question:

<?php
$db = new PDO('sqlsrv:Server=SRVIMPFIC;Database=MyDatabase;Encrypt=false;TrustServerCertificate=false;',
'APPREADER',
'[Password]');
?>

Share via

[Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: peer did not return a certificate (RHEL 8 and PHP 8.0)

2 answers

Your answer