Windows 11 connection with SQL 2008 R2 - SSL

Mateusz888 20 Reputation points
2023-09-20T07:40:02.3133333+00:00

I have a problem connecting to a database on SQL Server 2008 R2 from Windows 11. I get an error:

Unable to conncet: SQL Server is unavailable or does not exist. SSL Security error.

I have Microsoft SQL Server 2008 R2 (SP3-GDR) (KB4057113) - 10.50.6560.0 (Intel X86) Dec 28 2017 15:45:46 Copyright (c) Microsoft Corporation Standard Edition on Windows NT 5.2 <X86> (Build : ) (Hypervisor)

According to Microsoft, this version of SQL should not have problems with TLS.

On Windows 10 it's ok.

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
13,664 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,432 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Olaf Helper 44,136 Reputation points
    2023-09-20T08:37:32.3933333+00:00

    SQL Server 2008 R2 is out-of-support since a long time.

    Have you installed the required update for SQL Server to support TLS?

    See TLS 1.2 support for Microsoft SQL Server

    You can add "Encrypt=False" to SQL Server connection string to disable TLS.


  2. ZoeHui-MSFT 36,111 Reputation points
    2023-09-21T06:04:49.9+00:00

    Hi @Mateusz888,

    • What's the correct registry setting to enable TLS 1.2 for SQL Server communication? The correct registry settings are as follows:
      • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
        • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001
          • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001
    • These settings are required for both server and client computers. The DisabledByDefault and Enabled settings are required to be created on Windows 7 clients and Windows Server 2008 R2 servers. On Windows 8 and later versions of the client operating systems or Windows Server 2012 server and later versions of the server operating systems, TLS 1.2 should already be enabled. If you're implementing a deployment policy for Windows Registry that needs to be independent of the OS release, then we recommend adding the mentioned registry keys to the policy.

    You may have a double check.

    Regards,

    Zoe Hui


    If the answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.