locked
SQL Server 2017 :::: Microsoft SQL Server 2012 Native client (version 11.4.7462.6) to enable TLS 1.2 support RRS feed

  • Question

  • Hi

    How can I update Microsoft SQL Server 2012 Native client (version 11.4.7462.6) to enable TLS 1.2 support?

    In addition, I have it in my ADD/Remove list programs from my Windows 2019 server computer where I installed SQL server 2017.



    Warm regards MeVs


    • Edited by MeVs Sunday, July 26, 2020 7:35 PM
    Sunday, July 26, 2020 2:59 AM

All replies

  • Hi MeVs,

    To enable TLS 1.2 for SQL Server, you need to set the correct registry in Registry Editor:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    For more details, please refer to TLS 1.2 support for Microsoft SQL Server and How to enable TLS 1.2 in SQL server which might help.

    In addition, here is a third-party tool which might help.

    Best Regards,

    Amelia


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, July 27, 2020 2:50 AM
  • Hi MeVs,

    To enable TLS 1.2 for SQL Server, you need to set the correct registry in Registry Editor:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    For more details, please refer to TLS 1.2 support for Microsoft SQL Server and How to enable TLS 1.2 in SQL server which might help.

    In addition, here is a third-party tool which might help.

    Best Regards,

    Amelia


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Hi Amelia,

    If I add those regedit value I will affect affecting to whole SQL remote server?

    This SQL server is holding several remote database in different SQL named instance for Operation Manager and Config Mgr, so this change requires a server restart and will affect everything inside it, don't you?


    Warm regards MeVs


    • Edited by MeVs Wednesday, August 12, 2020 2:20 AM
    Thursday, August 6, 2020 7:44 PM
  • well, I think it wil affect to server

    Warm regards MeVs

    Wednesday, August 12, 2020 2:21 AM
  • I applied these 3 settings to windows server 2016 regedit and restarted tit

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001

    I repeatedthe installation of Config Mgr product e warning keeps appearing: 

    "SQL Server Native Client Version

    Select an item to display details and information about how to resolve the problem. For a listing of all prerequisite check results, see ConfigMgrPrereq.log."

    Could anyone give anyadvice of what else to do?


    Warm regards MeVs

    Thursday, August 20, 2020 7:05 AM
  • If you have installed ideally you will be hanging replacement of  Microsoft OLE DB Driver for SQL Server installed.

    Is there any specific requirement that you needs  to use SQL 2012 SNC ?

    The SQL Server Native Client (SQLNCLI) remains deprecated and it is not recommended to use it for new development work. Instead, use the new Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL) which will be updated with the most recent server features.

    Thursday, August 20, 2020 11:54 AM
  • Yes, this requirement is for Microsoft Endpoing Configuration Manager 2002, 

    "Configuration Manager sites require a supported SQL Server Native Client version. To enable TLS 1.2 support, you must install a supported version of SQL Server Native Client on the specified site server. For more information, see https://go.microsoft.com/fwlink/?linkid=2026746"

    I deployed  SQL server 2017 as Site Server database and its pre requisite is SQLNCLI 2012 ( fully updated ), so I also checked its version and it's ok but the warning can't dissapear.

    Do you have any additional recommendation? 


    Warm regards MeVs

    Friday, August 21, 2020 3:49 PM