[IQUG] TLS handshake failure Error

Bhandari, Shashikant shashikant.bhandari at sap.com
Mon Jun 11 14:21:46 MST 2018


Hi Joshva,

  Now SQL code number is changed. I will get back to you soon on this error

Regards

Shashikant Bhandari
Shashi<mailto:Shashi.Bhandari at sapns2.com>kant.Bhandari at sap.com<mailto:kant.Bhandari at sap.com>
http://www.sap.com<http://www.sapns2.com/>
     Office: +1 301 896 1427<tel:+1%20301%20896%201427>
     Cell:    +1 240 350 6639<tel:+1%20240%20350%206639>
   Please consider the impact on the environment before printing this e-mail.

On Jun 11, 2018, at 16:50, Peter, Allwin Hendry Joshva <AllwinHendryJoshva.Peter at McKesson.com<mailto:AllwinHendryJoshva.Peter at McKesson.com>> wrote:


Thanks Shashikant for your response.

(DBA)> select @@version
@@version
--------------------------------------------------------------------------------------------------------------------------------
SAP IQ/16.0.110.2722/10940/P/sp11.19/Enterprise Linux64 - x86_64 - 2.6.18-194.el5/64bit/2018-03-12 02:46:27

(1 rows)

Execution time: 0.01 seconds

dbisql -c 'uid=<username>;pwd=<mypassword>;eng=DEVIQ1;ENC=tls(fips=NO;tls_type=rsa;trusted_certificate=/home/ecovtay/.tls/DEVIQ1.id<http://DEVIQ1.id>;skip_certificate_name_check=yes)' -host <hostname> -port 5001 -nogui

Could not connect to the database.
Encryption error: Unrecognized encryption option
'skip_certificate_name_check'
SQLCODE=-895, ODBC 3 State="08001"


(Not Connected)> exit

Thanks!
Joshva

From: Bhandari, Shashikant [mailto:shashikant.bhandari at sap.com]
Sent: Monday, June 11, 2018 1:22 PM
To: Peter, Allwin Hendry Joshva <AllwinHendryJoshva.Peter at McKesson.com<mailto:AllwinHendryJoshva.Peter at McKesson.com>>; iqug at iqug.org<mailto:iqug at iqug.org>
Subject: RE: TLS handshake failure Error

Hi Peter,

    Are you using IQ 16.1?

   In your TLS string can you please add, “skip_certificate_name_check=yes”?, example below is using direct dbisql command line

dbisql -c 'uid=DBA;pwd=password;eng=myserver;ENC=tls(fips=NO;tls_type=rsa;trusted_certificate=/mycertificate.id<http://mycertificate.id>;skip_certificate_name_check=yes)' -host myhost -port 26000 -nogui

Regards

Shashikant Bhandari
Shashi.Bhandari at sapns2.com<mailto:Shashi.Bhandari at sapns2.com>
http://www.sapns2.com<http://cp.mcafee.com/d/5fHCMUSy-CYeouod78USrhhjhupjvvhdEEFELcFKcECPpISHoHZalxOVJ5N1wlhTQhl3Zp8mJUGevh72H5_v5t-N0lv79TKUYzGbSCPpISr01kRq54-nMSrjvsdCXCQPrNKVJUSyrh>
     Office: +1 301 896 1427
   Please consider the impact on the environment before printing this e-mail.

From: iqug-bounces at iqug.org<mailto:iqug-bounces at iqug.org> [mailto:iqug-bounces at iqug.org] On Behalf Of Peter, Allwin Hendry Joshva
Sent: Monday, June 11, 2018 12:54 PM
To: iqug at iqug.org<mailto:iqug at iqug.org>
Subject: [IQUG] TLS handshake failure Error

Hello All,
   Has anyone in the community implemented TLS encryption for the Sybase IQ database? We have implemented TLS and its working fine without any issues for the first few hours. After few hours we are getting “TLS handshake failure” error and we don’t know why its breaks after few hours.


[ecovtay at ddcdevdb1]$ dbisql -c dsn=joshtls -nogui
Could not connect to the database.
TLS handshake failure
SQLCODE=-829, ODBC 3 State="08S01"


(Not Connected)>


Thanks!
Joshva

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://iqug.org/pipermail/iqug/attachments/20180611/9f6a9c0a/attachment.html>


More information about the IQUG mailing list