Devart Forums

Hello,

We've started using DBProtect to scan our databases and we're having issues connecting to our PostgreSQL instances that require TLS 1.2. We did a packet capture with WireShark and the connection is trying to negotiate with TLSv1.1.

It looks like DBProtect is using the dotConnect Universal, version 3.80.1976.0 in our case. Does this version of dotConnect Universal (Devart.Data.Universal.PostgreSql.dll) support TLS 1.2? If so, any idea how we can force it to use TLS 1.2? Or would we need to reach out to DBProtect vendor Trustwave?

Thanks in advance.

AnotherDBA wrote: ↑Wed 21 Apr 2021 19:54Does this version of dotConnect Universal (Devart.Data.Universal.PostgreSql.dll) support TLS 1.2?

You can try to specify 'SSL TLS Protocol=1.2;' in the connection string. It might work, but unfortunately, any version of dotConnect Universal hasn't supported full set of modern encryption algorithms yet (if the server requires them).

Presently, the modern encryption algorithms are fully supported by dotConnect for PostgreSQL only.
https://www.devart.com/dotconnect/postgresql/

In order to have full support of SSLv.1.2 by dotConnect for PostgreSQL, you have to add these assemblies compiled for .NET Framework 4.7 to project references (instead of defaults):
C:\Program Files (x86)\Devart\dotConnect\PostgreSQL\NET4\Devart.Data.dll
C:\Program Files (x86)\Devart\dotConnect\PostgreSQL\NET4\Devart.Data.PostgreSql.dll