• State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 25 subscribers
  • Views 1596 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Errors connecting to repository after setting Force Encryption to Yes

chuck_myers

Hi - I have had DPA running successfully for a couple years, but recently had to install another piece of software that required me to set the "Force Encryption" to "Yes" in SQL Server Configuration Manager on the "Protocols for MSSQLSERVER".  The error I'm getting is:

Encryption is required to connect to this server but the client library does not support encryption; the connection has been closed. Please upgrade your client library

These errors happen several times per second and is pushing out any useful log entries.

Thanks for any input!

  • 0

    There is an additional step in the connection information configuration of the monitored instance requiring SSL.

    In DPA, click Options > Update Connection Info.

    Select the SQL Server monitored instance that needs the SSL connection, and click Next.

    Select JDBC URL Properties, and add ssl=request

    You may also set it to ssl=require

  • 0 in reply to chenry

    Thanks for the quick response!

    With the Force Encryption set to Yes, I can't even login to DPA.  To test your idea, I temporarily switched it back to No.

    I need to clarify that the issue is with the connection to the Repository (not the Monitored server).  I found "Update Repository Connection" under Options/Administration, but it says:

    To change the repository database connection information, edit the file then restart DPA.

    '{DPA_INSTALL_DIR}/iwc/tomcat/ignite_config/idc/repo.properties'

    When I open that file, I don't see anything related to SSL or encryption.

    Any other thoughts?

    Thanks again.

  • 0 in reply to chuck_myers

    Ah, I was thinking SSL to the monitored instance.  I that repo.properties file please add the following:

    repo.jdbcDriverProperties=ssl\=request

    Save the file

    Restart Ignite PI server service.

  • 0 in reply to chenry

    Thanks for the reply.  Sorry for the delay in getting back to this.  I determined that the Force Encryption really isn't necessary like I thought.

    I will try this suggestion on a weekend when I have a maintenance window.

  • 0 in reply to chuck_myers

    Again, sorry for the delay.  I was finally able to get to this today.

    chenry's suggestion worked.  I actually had to implement both suggestions because now both the Dev and Prod servers have SSL required.

    For review, here is what I did:

    In '{DPA_INSTALL_DIR}/iwc/tomcat/ignite_config/idc/repo.properties', I added a line:

         repo.jdbcDriverProperties=ssl\=request

    In Options / Monitor Setup / Update Connection Info, selected my Database Instance and Next.  Checked the "JDBC URL Properties" and added "ssl=request" in the textbox.  The restart happened automatically.

    Thanks!

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.