-
Notifications
You must be signed in to change notification settings - Fork 427
SSLProtocol
The Microsoft JDBC Driver for SQL Server supports setting the SSL protocol via the connection string. Below is an example of setting the default label using the connection URL.
String conURL = "jdbc:sqlserver://localhost;userName=sa;password=PASSW0RD;database=master;sslProtocol=TLS";
SQLServerConnection con = (SQLServerStatement) DriverManager.getConnection(conURL);
Another way to set the default label is using a SQLServerDataSource object.
SQLServerDataSource ds = new SQLServerDataSource();
ds.setUser("sa");
ds.setPassword("PASSWORD");
ds.setServerName("localhost");
ds.setPortNumber(1433);
ds.setDatabaseName("master");
ds.setSSLProtocol("TLS");
SQLServerConnection con = (SQLServerConnection) ds.getConnection();
TLS
, TLSv1
, TLSv1.1
, TLSv1.2
are the supported protocol labels. The value of the property is used as the protocol on the SSLContext.getInstance
method. SSLContext.getInstance
method might behave differently depending on the JVM. We recommend reading about this method and the protocol labels before using the sslProtocol
property. The following table demonstrates the enabled protocols with Oracle, IBM, and SAP Java runtimes.
Protocol Label | ORACLE JVM | IBM JVM | SAP JVM |
---|---|---|---|
TLS | TLSv1, TLSv1.1, TLSv1.2 | TLSv1 | TLSv1, TLSv1.1, TLSv1.2 |
TLSv1 | TLSv1 | TLSv1 | TLSv1 |
TLSv1.1 | TLSv1.1 | TLSv1.1 | TLSv1, TLSv1.1 |
TLSv1.2 | TLSv1.2 | TLSv1.2 | TLSv1, TLSv1.1, TLSv1.2 |
Suite B and SP800-131A standards require SSL configuration to use TLSv1.2 protocol only. sslProtocol
connection property allows the users specify the required SSL protocol version.