2015-12-11 15:42

自v12升级以来,Azure SQL数据库错误TLS握手失败


I receive this error since this morning, new v12 updated server / Azure SQL Database:

TLS Handshake failed: x509: certificate is valid for tr12.northcentralus1-a.worker.database.windows.net, *.tr12.northcentralus1-a.worker.database.windows.net, not [server-name].database.windows.net

Locally I have no problem connecting to the Azure SQL database. On Azure Web App the connection cannot be established.

Same connection string as local - was working fine before v12 update.

I'm using this SQL driver github.com/denisenkom/go-mssqldb/

Any pointer, don't believe I should change the connection string? Why it's working on local and not on Azure web app.

Edit 1: Just tried to replace [server-name].database.windows.net with the tr12... but tcp connection cannot be established.

Edit 2: Here's the connection string if it can help, bottom line, why it's working locally, same driver package version, I'm building executable locally and deploying via FTP, so not using Kudo deployment for this app. Was working A1 until Azure auto-upgraded to v12.

Server=[server-name].database.windows.net;Port=1433;Database=[dbname];User ID=[user];Password=[pass];Trusted_Connection=False;Encrypt=True;Connection Timeout=30;

Should trusted connection be true? or Encryption false? Will try changing those to see....

Edit 3: I've look at the connection string from Azure portal, and v12 seems to have this new parameters: TrustServerCertificate=False but no chance, did not fixed the issue

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答


  • dongyun65343 dongyun65343 6年前

    Based on this closed issue I changed TrustServerCertificate from False to True and added this parameter hostNameInCertificate to the connection string and it is working now:



    Azure portal suggests to have TrustServerCertificate=False and no hostNameInCertificate.

    点赞 评论 复制链接分享