Symptom
- Error when refreshing reports connecting to SQL Server after disabling TLS 1.0 and 1.1
- Is Crystal Reports and Crystal Reports for Visual Studio compatible with TLS 1.x ?
- After disabling the TLS 1.0 and 1.1, Crystal Reports and application using the SDK, fails to connect to MS SQL Server with error like:
"Logon failed.
Details: ADO error Code: 0x80004005
Source: Microsoft OLE DB Provider for SQL Server
Description: [DBNETLIB][ConnectionOpen
(SECDoClientHandshake().] SSL Security error. SQL State: 08001
Native Error: 18 [Database Vendor Code:18]"
Environment
- SAP Crystal Reports 2013
- SAP Crystal Reports 2016
- SAP Crystal Reports 2020
- Crystal Reports for Visual Studio
- MS SQL Server 2012
- MS SQL Server 2014
- MS SQL Server 2016
- MS SQL Server 2017
- MS SQL Server 2019
Cause
- The Microsoft SQL Server is not configured to use TLS 1.2; or
- The version of the OLE DB Provider, or ODBC driver used to connect to MS SQL Server does not support TLS 1.2
For example:
If you are using the Microsoft OLE DB Provider for SQL Server, or the SQL Server ODBC driver, it will fail because those version does not support TLS 1.2
- It is not a Crystal Reports issue, but an issue with the OLEDB Provider, or ODBC driver version used that does not support TLS 1.2
Resolution
- Use a Microsoft ODBC driver, or OELDB Provider to MS SQL Server that support TLS 1.2:
- On the Microsoft website search for the latest ODBC driver, or OLEDB Provider to MS SQL Server.
- Download and install the ODBC driver, or OLEDB Provider to MS SQL Server.
For your convenience, below are links to download the OLEDB and ODBC driver from the Microsoft website:
- For ODBC Connection:
Microsoft OLE DB Driver for SQL Server
- For OLE DB Connection:
Microsoft ODBC Driver for SQL Server
- Depending on how you are connecting to MS SQL Server, perform the following step:
- For ODBC connection:
Go to the Microsoft ODBC Administrator, rename the previous ODBC DSN, and then create a new ODBC DSN using the same DSN name used on the report, to MS SQL Server using the newer ODBC Driver to MS SQL Server.
( For example: Select the ODBC Driver 18 for SQL Server )
- For OLE DB connection:
Open the report in Crystal Reports, and perform a set data source location to OLE DB, and select the newer OLE DB Provider.
( For example: Select the Microsoft OLE DB Driver 18 for SQL Server )
- Notes:
- For general steps on how to perform a set datasource location, see the SAP Knowledge Base Article: 1215396
- There is no options in Crystal Reports to perform change on multiple reports at once, therefore there is no option to change the data source of multiple reports at once. Each report needs to be edited one by one.
- Further information:
See the Microsoft website regarding issue when disabling TLS 1.0
https://msdn.microsoft.com/en-us/library/ff487261.aspx
Where it mentioned: SQL Server and Microsoft data providers for SQL Server support TLS 1.0 and SSL 3.0. If you enforce a different protocol (such as TLS 1.1 or TLS 1.2) by making changes in the operating system channel layer, your connections to SQL Server might fail.
Microsoft also release a few patches to resolve this issue:
https://support.microsoft.com/en-us/kb/3052404
Crystal Reports and our Ceystal Reports for Visual Studio .NET SDK's do not use TLS to connect to the Database, it use CORBA and TCP/IP protocals.
Microsoft has now un-deprecated their OLE DB providers and have plans to release an update the first quarter of 2018 to be TLS 1.2 Compliant and fully support TLS 1.2
To enable/disable TLS 1.x for the OS using registry keys see this Microsoft article:
https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx#BKMK_SchannelTR_TLS12
Bottom line is as long as your client is configured to use TLS 1.2 then Crystal Reports and Crystal Reports for Visual Studio applications will be able to connect to MS SQL Server.
A quick test is to use ODBC, create a new ODBC DSN and test the connection, if it is successfull, then it will work in Crystal Reports as well.
See Also
- Microsoft Knowledge base article on support for All versions of MS SQL Servers and disabling TLS 1.x:
https://support.microsoft.com/en-ca/help/3135244/tls-1-2-support-for-microsoft-sql-server
Keywords
TLS 1.0, Crystal Reports Designer, .NET, CRforVS, MS SQL Server Database , KBA , BI-DEV-NET , BI Software Development Kits (SDKs) - .NET or Other , BI-RA-CR , Crystal Reports designer or Business View Manager , Problem
Product
SAP Crystal Reports 2013 ; SAP Crystal Reports 2016 ; SAP Crystal Reports 2020 ; SAP Crystal Reports, developer version for Microsoft Visual Studio