Hey Lulu, While this is not a Solr specific issue I suspect your server is not configured to accept connections over older TLS/SSL versions but without seeing the handshake it can only be an assumption. So in this instance setting your client to handshake over TLS 1.1 is not going to fix your problem if the server is rejecting this protocol (i.e. your driver setting of sslProtocol=TLSv1).
I think you have two options: 1 Download and use a new version of the sql server driver and try connecting over TLSv2 - similar issue addressed here and discussion on how older versions of the sql driver ignore the sslProtocol driver setting (https://stackoverflow.com/questions/48464863/java-1-8-0-enable-tls1-2-in-jdbc-connection). I assume you're using Java 1.8 on the older Solr 5x instance. [https://cdn.sstatic.net/Sites/stackoverflow/Img/apple-touch-i...@2.png?v=73d79a89bded]<https://stackoverflow.com/questions/48464863/java-1-8-0-enable-tls1-2-in-jdbc-connection> sql server - Java 1.8.0 enable TLS1.2 in JDBC connection - Stack Overflow<https://stackoverflow.com/questions/48464863/java-1-8-0-enable-tls1-2-in-jdbc-connection> I have an SQL Server 2014 updated to the latest fixpack (12.0.5207). In the environment, the only protocol enabled is TLS1.2 (the registry keys has been set for the purpose). I can connect to the SQL stackoverflow.com 2 Confirm what TLS/SSL connections your sql server instance is configured to accept and enable the older protocols if you need to (not recommended as these older versions are disabled for a reason particularly if this is a public facing system). Thanks, Dwane Link to jdbc driver https://docs.microsoft.com/en-us/sql/connect/jdbc/download-microsoft-jdbc-driver-for-sql-server?view=sql-server-ver15 ________________________________ From: Paul, Lulu <lulu.p...@bl.uk> Sent: Thursday, 8 July 2021 8:54 PM To: solr-u...@lucene.apache.org <solr-u...@lucene.apache.org>; users@solr.apache.org <users@solr.apache.org> Subject: Microsoft.sqlserver.jdbc.SQLServerException on SOLR after upgrading SQL Server from 2012 --> 2019 Hi Team, Hi SOLR team, Our .net project (currently running on solr-5.2.1) recently updated the DB end (from SQL Server 2012 to SQL Server 2019). We made all the necessary changes with respect to app configs and SOLR configs - Changed data-config.xml, Restarted SOLR instance, re-started the server, Perform a full import on SOLR UI. But below is the error that gets flagged up on the Logging section of SOLR UI - org.apache.solr.handler.dataimport.DataImportHandlerException: Unable to execute query: select ID from Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed.". at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1368) at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1412) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1058) at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:833) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:716) at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:841) at org.apache.solr.handler.dataimport.JdbcDataSource$1.call(JdbcDataSource.java:191) at org.apache.solr.handler.dataimport.JdbcDataSource$1.call(JdbcDataSource.java:171) at org.apache.solr.handler.dataimport.JdbcDataSource.getConnection(JdbcDataSource.java:440) at org.apache.solr.handler.dataimport.JdbcDataSource$ResultSetIterator.<init>(JdbcDataSource.java:308) Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed.". at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1368) at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1412) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1058) at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:833) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:716) at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:841) at org.apache.solr.handler.dataimport.JdbcDataSource$1.call(JdbcDataSource.java:191) at org.apache.solr.handler.dataimport.JdbcDataSource$1.call(JdbcDataSource.java:171) at org.apache.solr.handler.dataimport.JdbcDataSource.getConnection(JdbcDataSource.java:440) at org.apache.solr.handler.dataimport.JdbcDataSource$ResultSetIterator.<init>(JdbcDataSource.java:308) After some research it appeared that many users have faced TLS issues which can be the cause for such an error. I then tried to modify the config to force dataconfig.xml to accept TLSv1. sslProtocol=TLSv1;encrypt=true;trustServerCertificate=true The jdbc driver version is sqljdbc42 Unfortunately nothing seems to work. Any advice on what to do next ? Much appreciate, Thank you! Best Wishes Lulu ****************************************************************************************************************** Experience the British Library online at www.bl.uk<http://www.bl.uk/> The British Library's latest Annual Report and Accounts : www.bl.uk/aboutus/annrep/index.html<http://www.bl.uk/aboutus/annrep/index.html<http://www.bl.uk/aboutus/annrep/index.html<http://www.bl.uk/aboutus/annrep/index.html>> Help the British Library conserve the world's knowledge. Adopt a Book. www.bl.uk/adoptabook<http://www.bl.uk/adoptabook<http://www.bl.uk/adoptabook<http://www.bl.uk/adoptabook>> The Library's St Pancras site is WiFi - enabled ***************************************************************************************************************** The information contained in this e-mail is confidential and may be legally privileged. It is intended for the addressee(s) only. If you are not the intended recipient, please delete this e-mail and notify the postmas...@bl.uk<mailto:postmas...@bl.uk> : The contents of this e-mail must not be disclosed or copied without the sender's consent. The statements and opinions expressed in this message are those of the author and do not necessarily reflect those of the British Library. The British Library does not take any responsibility for the views of the author. ***************************************************************************************************************** Think before you print
