Database connection unsuccessful: Failed to connect - What certificate is it using?
Hey I am trying to create a database connection to an MS SQL server. When I test the connection, I get the following error: Database connection unsuccessful: Failed to connect to x.x.x.x:1433 - self signed certificate I assume that means that Cribl Stream tries to make an encrypted connection to the SQL database? If so, what certificate is it using? Is there a way to force not using a cert if I wanted to test it that way? Nothing in the connection settings has a place for certificate information.
Answers
-
I assume Cribl is not using the cert, but the database server is using a self signed cert on its side. Did you check that?
0 -
I dont think other connections are using a secure method to connect to the SQL server. I will have to do some more testing to be sure though.
0 -
outside of Cribl
0 -
Are you using a connection string in your database connection setting Cribl? Can you share that page?
0 -
That error is always due to a client encountering a server cert it doesn't trust. A client doesn't have to have its own cert in order to make an encrypted connection (eg your web browser doesn't need its own certificate to use https with any website). Having its own certificate only provides authentication for clients. We would need to see your connection string to troubleshoot further.
0 -
Are you using a hostname or an ip for the connection?
0 -
IP
0 -
I can post connection string
0 -
Just for a test, can you edit your hosts file in the event it isn't in DNS and give it a name that matches your cert host name?
0 -
obviously IP is different
0 -
You could try adding ;TrustServerCertificate=True
0 -
Thats obviously a dirty fix
0 -
so add a HOSTS entry for that IP, mapping it to name? yeah that line is worth a shot as well. So when creating the database collector, what is the proper format for the query? I pop in a normal SQL query and it does not like that
0 -
You're now in Microsoft country, I'm out
0 -
Same!
0 -
LOL
0 -
oh well, guess i will give up on database collectors.
0 -
<@U02MJ3E1B2P> did you get windows auth working in your lab or was the conclusion that it's not yet supported ?
0 -
<@U02B3KG124C> any guidance here?
0 -
Just checking for the obvious, did you add single quotes around your connection string?
0 -
I don't think it allows saving if they string is invalid.
0 -
the docs dont show that i need to do that
0 -
Yeah I just pulled it up :slightly_smiling_face:
0 -
Just made an assumption since we require that in so many places lol
0 -
ASSume :slightly_smiling_face:
0 -
I will hold off on this for now, but if someone has more advice on what to try, reach out please. Really want to test this more to replace some DB Connect stuff
0 -
Is User ID or User Id? And Semicolon at the end?
0 -
is the SQL Server on Azure? one thing I'm seeing in <https://tediousjs.github.io/node-mssql/#tedious|the docs of the library we're using under the hood> is to try adding `;Encrypt=True`
0 -
SQL server is at our data center, my Cribl test server is in AWS. Firewalls have already had the ports opened so comms is there.
0 -
<@U01C35EMQ01> i based my connection string off of this page. https://connectionstrings.com/sql-server/
0
