FIX: SQL Server 2000 protocol encryption applies to JDBC clients

This article has been archived. It is offered "as is" and will no longer be updated.
Bug #: 470049 (SHILOH_BUGS)
SYMPTOMS
In Microsoft SQL Server 2000, you can enable protocol encryption for all clients or for individual clients. The Force Protocol Encryption Server Network Utility option forces all incoming connections to be encrypted.

To implement protocol encryption, the driver must access the Secure Sockets Layer (SSL) protocol. Specifically, protocol encryption uses SSL application programming interfaces (APIs) that are implemented in Microsoft Windows NT. However, a problem occurs with Type 4 JDBC drivers because they are not permitted to directly call system DLLs. There is no library in Java 1.4 or earlier that emulates the protocol encryption behavior of SSL from Windows NT. If you do not apply this fix or SQL Server 2000 Service Pack 4 (SP4), SQL Server silently accepts connections from JDBC. This gives the false impression that the connections are actually encrypted. If the Force Protocol encryption option is turned on on the server side after you apply the fix, JDBC clients trying to connect to SQL server will not connect. This problem occurs because the current versions of JDBC drivers from Microsoft do not support SSL connections.
RESOLUTION

Service pack information

To resolve this problem, obtain the latest service pack for SQL Server 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
290211 How to obtain the latest SQL Server 2000 service pack

Hotfix information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
   Date         Time   Version             Size   File name   ----------------------------------------------------------------------   31-May-2003  18:45  2000.80.818.0      78,400  Console.exe         25-Jun-2003  01:01  2000.80.818.0      33,340  Dbmslpcn.dll   25-Apr-2003  02:12                    786,432  Distmdl.ldf   25-Apr-2003  02:12                  2,359,296  Distmdl.mdf   30-Jan-2003  01:55                        180  Drop_repl_hotfix.sql   23-Jun-2003  22:40  2000.80.837.0   1,557,052  Dtsui.dll           23-Jun-2003  22:40  2000.80.837.0     639,552  Dtswiz.dll          24-Apr-2003  02:51                    747,927  Instdist.sql   03-May-2003  01:56                      1,581  Inst_repl_hotfix.sql   08-Feb-2003  06:40  2000.80.765.0      90,692  Msgprox.dll         01-Apr-2003  02:07                      1,873  Odsole.sql   05-Apr-2003  01:46  2000.80.800.0      62,024  Odsole70.dll        07-May-2003  20:41  2000.80.819.0      25,144  Opends60.dll        07-May-2003  18:47                    132,096  Opends60.pdb   02-Apr-2003  21:48  2000.80.796.0      57,904  Osql.exe            02-Apr-2003  23:15  2000.80.797.0     279,104  Pfutil80.dll        22-May-2003  22:57                     19,195  Qfe469571.sql   11-Jul-2003  17:04                  1,084,147  Replmerg.sql   04-Apr-2003  21:53  2000.80.798.0     221,768  Replprov.dll        08-Feb-2003  06:40  2000.80.765.0     307,784  Replrec.dll         11-Jul-2003  16:56                  1,085,925  Replsys.sql   01-Jun-2003  01:01  2000.80.818.0     492,096  Semobj.dll          31-May-2003  18:27  2000.80.818.0     172,032  Semobj.rll   29-May-2003  00:29                    115,944  Sp3_serv_uni.sql   01-Jun-2003  01:01  2000.80.818.0   4,215,360  Sqldmo.dll          07-Apr-2003  17:44                     25,172  Sqldumper.exe       19-Mar-2003  18:20  2000.80.789.0      28,672  Sqlevn70.rll   02-Jul-2003  00:18  2000.80.834.0     180,736  Sqlmap70.dll        08-Feb-2003  06:40  2000.80.765.0      57,920  Sqlrepss.dll        24-Jul-2003  02:19  2000.80.844.0   7,553,105  Sqlservr.exe        24-Jul-2003  02:19                 12,755,968  Sqlservr.pdb   08-Feb-2003  06:40  2000.80.765.0      45,644  Sqlvdi.dll          25-Jun-2003  01:01  2000.80.818.0      33,340  Ssmslpcn.dll        01-Jun-2003  01:01  2000.80.818.0      82,492  Ssnetlib.dll        01-Jun-2003  01:01  2000.80.818.0      25,148  Ssnmpn70.dll        01-Jun-2003  01:01  2000.80.818.0     158,240  Svrnetcn.dll        31-May-2003  18:59  2000.80.818.0      76,416  Svrnetcn.exe        30-Apr-2003  23:52  2000.80.816.0      45,132  Ums.dll             30-Apr-2003  23:52                    132,096  Ums.pdb   02-Jul-2003  00:19  2000.80.834.0      98,816  Xpweb70.dll
Note Because of file dependencies, the most recent hotfix or feature that contains these files may also contain additional files.

The following JDBC drivers do not support the SSL connection:
  • SQL Server 2000 JDBC Driver
  • SQL Server 2005 JDBC Driver 1.0
  • SQL Server 2005 JDBC Driver 1.1
After you apply this hotfix, you must use third-party JDBC drivers to connect to the instance of SQL Server 2000 if the following conditions are true.

Note The third-party JDBD drivers that you use must support the SSL connection.
  • The instance of SQL Server requires encrypted connections.
  • You enabled the Force Protocol Encryption option in the instance.
  • You use one of the JDBC drivers in the previous list.
WORKAROUND
If your JDBC application requires protocol encryption in SQL Server 2000, you must use another method of encryption, such as Internet Protocol security (IPSec), or use a suitable SSL-enabled Type 3 JDBC driver.
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in SQL Server 2000 Service Pack 4.
MORE INFORMATION
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
276553 How to enable SSL encryption for SQL Server 2000 with Certificate Server
257591 Description of the Secure Sockets Layer (SSL) handshake
316898 How to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console
324777 Support WebCast: Microsoft SQL Server 2000: How to configure SSL encryption
318605 How SQL Server uses a certificate when the Force Protocol Encryption option is turned on
Properties

Article ID: 826080 - Last Review: 01/17/2015 05:20:50 - Revision: 4.2

  • Microsoft SQL Server 2000 Developer Edition
  • Microsoft SQL Server 2000 Standard Edition
  • Microsoft SQL Server 2000 Enterprise Edition
  • Microsoft SQL Server 2000 Personal Edition
  • Microsoft SQL Server 2000, Workgroup Edition
  • Microsoft SQL Server 2000 Desktop Engine (Windows)
  • Microsoft SQL Server 2000 Enterprise Edition 64-bit
  • kbnosurvey kbarchive kbhotfixserver kbqfe kbsqlserv2000presp4fix kbfix kbbug KB826080
Feedback