TCP provider ERROR code 0x2746

[arjunasuresh3]

Changes in DB server – Disabled ssl 2 & 3, TLS 1.0 & 1.1

Post that connection started failing.

OS: RHEL 8
OPENSSL version: 1.1.1k
Unixodbc: 2.3.11
Msodbc: msodbcsql17-17.10.5.1
Mssql server: 2019
Either using isql or sqlcmd I am getting same error 0x2746

Tried following below (Nothing worked):

• upgrading to unixodbc 2.3.12
• upgraded to msodbcsql18
• update-crypto-policies –show from default to fips
• changed cipherstrind seclevel from 2 to 1 & 0

cat /etc/crypto-policies/back-ends/opensslcnf.config
CipherString = @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
TLS.MinProtocol = TLSv1.2
TLS.MaxProtocol = TLSv1.3
DTLS.MinProtocol = DTLSv1.2
DTLS.MaxProtocol = DTLSv1.2
SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_rsae_sha256:rsa_pss_pss_sha384:rsa_pss_rsae_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1

In case anyone facing similar issue let me know how to resolve same.

[lurcher]

That will be a driver issue, so there isn't a unixODBC fix that can be offered. However with my Easysoft hat on I know I added support for TLS 1.3 + 1.2 in the driver and it worked in the described situation. Not much help, but all I have.