Getting "Internal Server Error (500)" When trying to log in to BFI Console

Hello All,
I’m getting an “Internet Server Error (500)” when trying to login to BFI Console with long Java backtrace that start with
"Java::ComMicrosoftSqlserverJdbc::SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: “SQL Server did not return a response. The connection has been closed. ClientConnectionId:4fd45d69-edfc-44d7-9b60-113a4131404e”. from com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(com/microsoft/sqlserver/jdbc/SQLServerConnection.java:1667) from com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(com/microsoft/sqlserver/jdbc/IOBuffer.java:1668) from com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(com/microsoft/sqlserver/jdbc/SQLServerConnection.java:1323) from com.microsoft.sqlserver.jdbc.SQLServerConnection.login(com/microsoft/sqlserver/jdbc/SQLServerConnection.java:991) from com.microsoft

Can anyone please help with the remediation steps.

From the message it looks like the database is down or not reachable from the BFI server.

Hello Jason,

Thanks for your prompt response.
I see that datanase is up and running (SQL services is also up), Port is listening and also from the bfi application server I am able to ping database server.

Don’t know what else to tell you, except perhaps to consult your database administrator or open a PMR. The error cited from the driver appears pretty clear. If it were an TLS / ciphers issue (which is pretty common as organizations step up to TLS 1.2 on some servers and not others), I’d expect a different message.

Try connecting from SQL Management Studio.

Even I suspect TLS issue.
Could you please explain more on TLS/ciphers issue and what need to be done . For example does tls setting need to be implemented on both the servers database as well as application ?

Also I see server was patched recently. so, could it be something related DLL files ?

Trying to connect from SQL Management Studio on the BFI host, to the database on the database host, will give us some useful info. See if that works (in TLS mode on management studio)

I performed below testing and it got failed.

ODBc connection test:

  1. Created empty file testconn.udl on bfi host

  2. Double clicked on the new file so “Data Link Properties” dialog opened

  3. Put SQL Server’s machine name in displayed point 1 and user ID and password in point 2

  4. Click on “Test Connection” button

Finally got an error that “the test connection also failed with an SSL error”

Kindly suggest what can be a possible cause and how to remediate!!

Read through https://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-server

There is a description for configuring SQL server as well as SQL clients. You likely need some of the ODBC or SQL client updates.

The documentation at https://www-01.ibm.com/support/docview.wss?uid=swg22013550&acss=danl_5163_web may also be helpful

Thanks Jason ,So this need to be done on bfi server not on database server ?

Thanks Jason ,I already added this setting on JVM.option file but still same issue.

You may need to open a PMR then so support can look through your configuration.

I don’t know whether you need to chsnge your BFI server or your SQL server…but they need to match.

Yes , I have opened PMR and waiting for their reply. Also wanted to highlight that we have BFI Prod and Dev with same configuration.
SQL.udl connection is working perfectly in prod Application but when it comes to dev it populate error when we click on 3 button dropdown

Hi Jason,

Could you please let us know what JDBC driver does BigFix Inventory/ ILMT uses ?

Quick response will be appreciated!!