Azure SQL数据库错误:自v12升级以来TLS握手失败。

huangapple go评论104阅读模式
英文:

Azure SQL Database error TLS Handshake failed since v12 upgrade

问题

我从今天早上开始收到这个错误,新的v12更新的服务器/ Azure SQL数据库:

TLS握手失败:x509:证书有效的是
tr12.northcentralus1-a.worker.database.windows.net,
*.tr12.northcentralus1-a.worker.database.windows.net,而不是[server-name].database.windows.net

在本地连接到Azure SQL数据库没有问题。在Azure Web App上无法建立连接。

与本地相同的连接字符串-在v12更新之前一切正常。

我正在使用这个SQL驱动程序github.com/denisenkom/go-mssqldb/

有什么指示,我不认为我应该更改连接字符串吗?为什么在本地工作而在Azure Web App上不工作。

编辑1:刚刚尝试用tr12...替换[server-name].database.windows.net,但无法建立TCP连接。

编辑2:如果可以的话,这是连接字符串,底线是为什么在本地工作,相同的驱动程序包版本,我在本地构建可执行文件并通过FTP部署,所以不使用Kudo部署此应用程序。在Azure自动升级到v12之前一直工作正常。

Server=[server-name].database.windows.net;Port=1433;Database=[dbname];User
ID=[user];Password=[pass];Trusted_Connection=False;Encrypt=True;Connection
Timeout=30;

应该将Trusted_Connection设置为True吗?还是将Encryption设置为False?将尝试更改这些设置来查看是否有所改变...

编辑3:我查看了来自Azure门户的连接字符串,并且v12似乎具有这些新参数:TrustServerCertificate=False,但没有机会,无法解决问题。

英文:

I receive this error since this morning, new v12 updated server / Azure SQL Database:

> TLS Handshake failed: x509: certificate is valid for
> tr12.northcentralus1-a.worker.database.windows.net,
> *.tr12.northcentralus1-a.worker.database.windows.net, not [server-name].database.windows.net

Locally I have no problem connecting to the Azure SQL database. On Azure Web App the connection cannot be established.

Same connection string as local - was working fine before v12 update.

I'm using this SQL driver github.com/denisenkom/go-mssqldb/

Any pointer, don't believe I should change the connection string? Why it's working on local and not on Azure web app.

Edit 1: Just tried to replace [server-name].database.windows.net with the tr12... but tcp connection cannot be established.

Edit 2: Here's the connection string if it can help, bottom line, why it's working locally, same driver package version, I'm building executable locally and deploying via FTP, so not using Kudo deployment for this app. Was working A1 until Azure auto-upgraded to v12.

> Server=[server-name].database.windows.net;Port=1433;Database=[dbname];User
> ID=[user];Password=[pass];Trusted_Connection=False;Encrypt=True;Connection
> Timeout=30;

Should trusted connection be true? or Encryption false? Will try changing those to see....

Edit 3: I've look at the connection string from Azure portal, and v12 seems to have this new parameters: TrustServerCertificate=False but no chance, did not fixed the issue

答案1

得分: 3

根据这个已关闭的问题,我将TrustServerCertificateFalse更改为True,并在连接字符串中添加了hostNameInCertificate参数,现在它可以正常工作:

https://github.com/denisenkom/go-mssqldb/issues/55

TrustServerCertificate=True;hostNameInCertificate=*.database.windows.net;

Azure门户建议将TrustServerCertificate设置为False,不设置hostNameInCertificate参数。

英文:

Based on this closed issue I changed TrustServerCertificate from False to True and added this parameter hostNameInCertificate to the connection string and it is working now:

https://github.com/denisenkom/go-mssqldb/issues/55

TrustServerCertificate=True;hostNameInCertificate=*.database.windows.net;

Azure portal suggests to have TrustServerCertificate=False and no hostNameInCertificate.

huangapple
  • 本文由 发表于 2015年12月11日 23:42:10
  • 转载请务必保留本文链接:https://go.coder-hub.com/34227296.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定