Protocol-Error when trying to connect with SSL

Discussion of open issues, suggestions and bugs regarding ADO.NET provider for PostgreSQL
Post Reply
s3tb
Posts: 1
Joined: Wed 29 Jul 2020 17:42

Protocol-Error when trying to connect with SSL

Post by s3tb » Thu 30 Jul 2020 09:14

Hi,

I'm using dotConnect 7.17.1666 with Postgresql 12 on a ubuntu-Server. When trying to connect to the server/database, I get the following error:

Code: Select all

The server hello message uses a protocol that was not recognized.
I already read the older posts concerning this issue but I coudn't resolve my problem. The ssl-configuration In the current postgresql.conf looks like this:

Code: Select all

ssl = on
ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL'
#ssl_min_protocol_version = 'TLSv1.1'
#ssl_max_protocol_version = 'TLSv1.2'
I also tried to connect with ssl_min_ and ssl_max set, but with no success. The code to connect to the server is like

Code: Select all

Dim con As New PgSqlConnection With {
         .ConnectionString = "host=192.168.2.86;Port=5432;user id=musterdb;Password=mypassword;database=musterdb;unicode=true;"
      }
      con.SslOptions.CACert = "C:\Daten\root.crt"
      con.SslOptions.Cert = "C:\Daten\musterdb.crt"
      con.SslOptions.Key = "C:\Daten\musterdb.key"
      con.SslOptions.SslMode = SslMode.Require
      con.SslOptions.TlsProtocol = "1.2"
      con.SslOptions.CipherList = "3DES"
      con.Open()
I tried connectiong without the TlsProtocol-Option and setting the Cipherlist to "ALL" as well. I'm out of ideas. A connection with pgAdmin4 with the same parameters works just fine.

Would you please give some advice?

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Re: Protocol-Error when trying to connect with SSL

Post by Shalex » Mon 03 Aug 2020 15:02

The list of ciphers supported by dotConnect for PostgreSQL is available at https://www.devart.com/dotconnect/postg ... tions.html.

Most likely, the following configuration option doesn't allow the usage of any supported ciphers:

Code: Select all

#ssl_min_protocol_version = 'TLSv1.1'

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Re: Protocol-Error when trying to connect with SSL

Post by Shalex » Tue 26 Jan 2021 19:53

The new public build dotConnect for PostgreSQL v7.20.1812 includes assemblies compiled for .NET Framework 4.7:
* "C:\Program Files (x86)\Devart\dotConnect\PostgreSQL\NET4\Devart.Data.dll"
* "C:\Program Files (x86)\Devart\dotConnect\PostgreSQL\NET4\Devart.Data.PostgreSql.dll"

The .NET Framework 4.7 assemblies include runtime support for ciphers used by TLS 1.2.

By default, assemblies compiled for .NET Framework 2.0 are used:
* "C:\Program Files (x86)\Devart\dotConnect\PostgreSQL\Devart.Data.dll"
* "C:\Program Files (x86)\Devart\dotConnect\PostgreSQL\Devart.Data.PostgreSql.dll"

Please select the "Do not install assemblies in the GAC" option in Setup Wizard. Otherwise, the runtime will load provider assemblies compiled for .NET Framework 2.0 from GAC.

Post Reply