November 29, 2007 at 12:31 pm
Our Production SQL Server 2000 SP4 has been going thru a security scrutiny by our network administrators. One of the DTS packages stopped working after a security setting was changed on the server.
The package did not run :w00t: and showed this error "Microsoft ole DB provider for sql error [DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error".
We were informed by the Network managers :hehe:about the followings security vulnerabilities on the server which they proceed to turn off:
1) SSL Server Supports Weak Encryption Vulnerability port 2381/tcp over SSL
2) SSL Server May Be Forced to Use Weak Encryption Vulnerability port 2381/tcp over SSL
We have been told that the parameter to resolve the above issues is either on or off. When off the DTS does not works.
The package access another database on a different server within our network and copy data into a db in our server.
Does anyone have a recommendation/solution to resolve the vulnerability and successfully run the DTS package?
December 2, 2007 at 1:30 pm
I don't and I'd ask that this be turned off for now.
Call MS while you still have time before support ends next spring.
Follow me on Twitter: http://www.twitter.com/way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
December 6, 2007 at 6:23 pm
Was the SSL cert on the SQL server issued by a certificate server in the same domain?
All you should need to do is install a new computer cert on the SQL server with a higher cipher strength & ask for a security rescan after doing so. The vulnerability should go away after that.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply