TLS 1.2 support for SQL 2017
Overview
Transport Layer Security (TLS) 1.2 for Callback 8.11.2 or later requires updates to Windows, SQL Server, and Callback. Use the following instructions to enable TLS 1.2 with SQL 2017.
If using SQL 2012, please reference the TLS 1.2 support for SQL 2012 topic.
If using SQL 2016, please reference the TLS 1.2 support for SQL 2016 topic.
Before you begin
Verify the correct versions of Windows, IIS, SQL server, and additional components have been downloaded and installed from Microsoft. Use the following table to identify the correct versions of each:
| Callback version | 8.11.2 or later |
| Windows version | Windows 2017 64-bit |
| IIS | 10 |
| Framework | .NET Framework 4.7.0, 4.7.1, or 4.7.2 |
| SQL Server | MS SQL Server 2017 (Enterprise or Standard edition) |
| SQL Server Driver | One that supports TLS 1.2 |
| Command Line Utilities | Supplied by Microsoft for the driver |
Updating Windows
- Configure registry settings by using IIS Crypto OR reference Microsoft documentation on enabling TLS 1.2 for Configuration Manager.
- Restart Windows.
Upgrading Callback configuration and database
Callback can be configured to use Object Linking and Embedding (OLE) or Open Database Connectivity (ODBC) to communicate with the SQL reporting database (default value of VHT_RPT) within Callback.
To configure for OLE access:
- Configure the Management API (8.10 or later), Core Monitor, and Configuration Manager site.config files to use the desired driver:
- Set the Driver option to {driver, "{SQL_Driver_Name}"}. where SQL_Driver_name is usually SQL Server Native Client 11.0.
- Edit the ReportDBConnectionString variable in the VHT_Config > SystemVariables and ApplicationSettings table similar to the following example:
For OLE DB SQL Server Authentication:
Provider=SQLNCLI11;Data Source=Pi3;Initial Catalog=VHT_RPT;persist security info=False;User ID=sa;Password=Pass123
For OLE DB Windows Authentication:
Provider=SQLNCLI11;Data Source=Pi3;Initial Catalog=VHT_RPT;Integrated Security=SSPI;persist security info=False...To configure for ODBC access:
- Configure the Management API (8.10 or later), Core Monitor, and Configuration Manager site.config files to use the desired driver:
- Set the Driver option to {driver, "{SQL_Driver_Name}"}. where SQL_Driver_name is usually SQL Server Native Client 11.0.
- Create the 32-bit system Data Source Name (DSN) with desired configurations.
- Edit the ReportDBConnectionString variable in the VHT_Config > SystemVariables and ApplicationSettings table similar to the following example:
For OLE DB SQL Server Authentication:
Provider=SQLNCLI11;Data Source=Pi3;Initial Catalog=VHT_RPT;persist security info=False;User ID=sa;Password=Pass123
For OLE DB Windows Authentication:
Provider=SQLNCLI11;Data Source=Pi3;Initial Catalog=VHT_RPT;Integrated Security=SSPI;persist security info=False...- Add/change the following values within the Virtual Hold Technology\Dashboard\vht_auth_api-config.yml file:
- Replace :mode:'oledb' with :mode:'odbc'.
- Add :dsn: 'name_of_DSN_from_Step_2'.
- Restart all Virtual Hold services.
