  • TLS 1.2 only mode on 2019 server and Provider=SQLOLEDB.1 asp with IIS works?

    Feb 14, 2021 06:46 PM | markm75

    We have a production AWS IIS server; it's configured the same way as our bare-bones staging/test server.

    In both cases we applied the TLS 1.0 and 1.1 disabled registry code to disable those and applied the cipher order in gpedit to ensure it's up to 1.2 standards (found on many guides online).

    The strange part is, the production server ASP that has legacy code and uses a connect string like:
    Provider=SQLOLEDB.1  encrypt=true;trustServerCertificate=true   and points to the AWS RDS SQL Server address and db, will throw an error.

    What we get is:

    [DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error.

    Now I'm guessing this IS the expected behavior.

    However, the same exact ASP code run on the staging/test box works fine, no error.

    I've used IIS Crypto to compare and I don't see a difference.

    Devs and myself (more IT admin here) are all baffled by the fact that it works on the test box.
    Has anyone run into this and have any ideas?

    Thanks in advance
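
One way to compare the two servers' TLS settings side by side, as an added example that is not part of the original post: it dumps the SCHANNEL `Client` and `Server` protocol switches (the `Client` subkeys govern outbound connections such as ASP to SQL Server) plus the Group Policy cipher suite order to a CSV per machine. The helper name `Get-RegValueOrMarker`, the output file names and the `PROD`/`TEST` placeholders are assumptions.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell
# session on EACH server, then compare the two CSV files.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

# Hypothetical helper: return the registry value, or a marker when the key or
# value is absent (absent means the OS default applies, which is itself a
# difference worth seeing between two machines).
function Get-RegValueOrMarker($Key, $Name) {
    if (-not (Test-Path $Key)) { return '(key missing)' }
    $value = (Get-ItemProperty -Path $Key).$Name
    if ($null -eq $value) { '(not set)' } else { $value }
}

# Protocol switches: Client = outbound connections, Server = inbound.
$rows = foreach ($proto in 'TLS 1.0', 'TLS 1.1', 'TLS 1.2') {
    foreach ($role in 'Client', 'Server') {
        $key = "$base\$proto\$role"
        [pscustomobject]@{
            Setting           = "$proto $role"
            Enabled           = Get-RegValueOrMarker $key 'Enabled'
            DisabledByDefault = Get-RegValueOrMarker $key 'DisabledByDefault'
        }
    }
}

# Cipher suite order as written by the "SSL Cipher Suite Order" policy in gpedit.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'
$order = Get-RegValueOrMarker $policyKey 'Functions'
$rows += [pscustomobject]@{
    Setting           = 'Cipher suite order (policy)'
    Enabled           = (@($order) -join ',')   # REG_SZ or REG_MULTI_SZ, flattened
    DisabledByDefault = ''
}

$rows | Format-Table -AutoSize
$rows | Export-Csv -Path ".\schannel-$($env:COMPUTERNAME).csv" -NoTypeInformation

# After copying both files to one machine (PROD and TEST are placeholders):
# Compare-Object (Import-Csv .\schannel-PROD.csv) (Import-Csv .\schannel-TEST.csv) `
#     -Property Setting, Enabled, DisabledByDefault
```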