I receive this error since this morning, new v12 updated server / Azure SQL Database:
TLS Handshake failed: x509: certificate is valid for
tr12.northcentralus1-a.worker.database.windows.net,
*.tr12.northcentralus1-a.worker.database.windows.net, not [server-name].database.windows.net
Locally I have no problem connecting to the Azure SQL database. On Azure Web App the connection cannot be established.
Same connection string as local - was working fine before v12 update.
I'm using this SQL driver github.com/denisenkom/go-mssqldb/
Any pointer, don't believe I should change the connection string? Why it's working on local and not on Azure web app.
Edit 1: Just tried to replace [server-name].database.windows.net with the tr12... but tcp connection cannot be established.
Edit 2: Here's the connection string if it can help, bottom line, why it's working locally, same driver package version, I'm building executable locally and deploying via FTP, so not using Kudo deployment for this app. Was working A1 until Azure auto-upgraded to v12.
Server=[server-name].database.windows.net;Port=1433;Database=[dbname];User
ID=[user];Password=[pass];Trusted_Connection=False;Encrypt=True;Connection
Timeout=30;
Should trusted connection be true? or Encryption false? Will try changing those to see....
Edit 3: I've look at the connection string from Azure portal, and v12 seems to have this new parameters: TrustServerCertificate=False but no chance, did not fixed the issue
Based on this closed issue I changed TrustServerCertificate from False to True and added this parameter hostNameInCertificate to the connection string and it is working now:
https://github.com/denisenkom/go-mssqldb/issues/55
TrustServerCertificate=True;hostNameInCertificate=*.database.windows.net;
Azure portal suggests to have TrustServerCertificate=False and no hostNameInCertificate.
Related
I have a setup where the connection string of my .NET application is configured at the app service level and the database used in it is present in an Azure SQL VM
I see the following error, while accessing my Web APIs in the app service
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - Access is denied.
However, I’m able to connect to the database directly on my local system using SSMS with my organisation’s VPN
I’m struggling to find the right resource, appreciate if you someone can help me with steps to fix it
i just have the beginner level knowledge on Azure platform
I tried to reproduce the same in my environment I got the same error like below.
To resolve this issue i have removed private access and tried and then added new private access its work successfully.
Check the public access in selected network with firewall rule and allow exception as below.
And, when I remove this private endpoint and try to add new private access i can able to connect with my sql server.
Check this connectivity as below.
My azuresql,database server connected successfully.
Note: This error may occur in multiple ways if are not enable sql services and in tcp/Ip If any of the protocols are disabled or if Remote Connection Permission is disable error may occur for this please refer the below documents.
Reference:
Microsoft SQL Server Error 2 Cannot Connect to Local: How to Solve? (systoolsgroup.com)
Resolving could not open a connection to SQL Server errors (mssqltips.com)
I upgraded my service tier on only our App Service app (not the other resources). A day after doing this, the app will no longer start up - giving the following:
HTTP Error 500.30 - ASP.NET Core app failed to start
If I connect to the App Service portal and use Kudu to start it via a debug cmd prompt, I see
Microsoft.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No such host is known.)
System.ComponentModel.Win32Exception (11001): No such host is known.
Storage queue startup also fails with my queue hostname. In kudu I also tried
C:\home\site\wwwroot>nameresolver mydatabase.database.windows.net
Server: Default
Can't find mydatabase.database.windows.net: Non-existent domain
(not my actual server name...) but same thing for google.com or any other hostname
also:
C:\home\site\wwwroot>ping 142.251.32.142
Unable to contact IP driver. General failure.
but this seems to be expected?
I am not using any fancy VPNs, private networks, groups or whatnot - this is as plain vanilla as I could make it. This worked for months before the upgrade. It works when run locally. My firewall for the database allows all azure services and my work/remote IP. I tried connection strings in the app service configuration only as well as only in appsettings.json. The connection string works in VS 2019, 2022, and sql management studio as well as the query tool within Azure portal itself. I've restarted the App service many times. OpenDNS cache check shows multiple different IPs for my database server but is this expected for regions? Why is the DNS apparently broken? How can I get this back to a functional state?
FYI - MS support contacted me and the service started working again with no changes after 6 days. So - there is no answer.
Problem:
We have a .NET Core Web API that we have just deployed as an Azure Web App. Testing locally everything works fine, however we are unable to connect to our DB from the deployed API in Azure.
From Application Insights I can see we are getting the following error:
Microsoft.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible.
Our setup:
We have our connection string included in appsettings.json
"ConnectionStrings": {
"DefaultConnection": "Data Source=<source>.com,<port>;Initial Catalog=<db>;User ID=<username>;Password=<password>;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;"
},
We know our API is using this connections string because we can see in Application Insights that there is a timeout connecting to the db specified in that exact connection string.
We do not have access to DB configuration as we have read only access granted to us from a third party. We can connect via SSMS/Azure Data Studio and when testing our Web API locally (which makes us think the connection string is correct).
Other Posts we have Referenced:
Connection String in Azure Web App Configuration - I have tried including and not including our connection string from the Azure App Service Configuration - neither changed that we got a timeout and subsequent 500 error.
Include Connection String in appsettings.json - We have our connection string included in appsettings.json and testing locally, we can connect to the db without issue.
Improperly Formatted Connection String - The connection string works when testing locally, so we do not believe it to be an issue with the formatting of the connection string. Additionally, because Application Insights says that there is a timeout connecting to the DB specified in the connection string, it appears to be using the connection string we are providing.
Any ideas as to what might be going on here and how we can connect to the DB would be greatly appreciated.
In this case, we needed to request that the third party whitelist our Azure Web Apps Outbound IP's.
Your Azure Web App Outbound IP's can be located in a number of ways.
Via Azure Portal
Web Apps > Your Web App > Under "Settings" go to Networking > Outbound Addresses
Via Azure CLI
az webapp show -n yourwebappname -g yourresoucegroup --query "outboundIpAddresses"
Requirement
I have an On-Premise SQL Server and an Azure webApp Service that needs to talk each other. I installed Hybrid Connection Manager on another computer which is in the same LAN as the SQL server. Let's refer this computer as the Connection PC.
The working part
Installation and configuration was straight forward, status of the hybrid connection showing as connected.
Tested the WebApp on localhost, it worked fine. Which means nothing wrong with the asp.net code
SSMS on the connection PC can access and query SQL DB
I installed a test SQL DB on the connection PC itself and use the WebApp to talk to the test DB instead, It worked fine.
The Problem
After tested ok on localhost, I published ASP.Net WebApp to Azure, it gave following error:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
troubleshoot attempt
Does that mean Hybrid Connection manager has to be installed on the same computer that runs SQL Server?
I did attempt to install HCM on the SQL Server, but it says it cannot work with Win2008R2. The connection PC has win2012 on it. So it can have HCM.
I just do not have time to migrate the SQL Server to another server. So I hope HCM does not have to be on SQL server.
Connection String
In my webapp, the connection string is as follows.
connectionString="metadata=res:///ScaleDataModel.csdl|res:///ScaleDataModel.ssdl|res://*/ScaleDataModel.msl;provider=System.Data.SqlClient;provider connection string="data source=WIN2008R2\DataPlus;initial catalog=DataPlus;persist security info=True;user id=test;password=testpass;multipleactiveresultsets=True;application name=EntityFramework"" providerName="System.Data.EntityClient"
Hybrid Connection communicates via TCP ports thus you need to specify the listening static port in your connection string like:
Data source=ServerName:Port;
Also here is an actually detailed article about the all problems you may encounter while working with Hybrid Connections.
Hope this helped you.
Since you have a hybrid connection, your connection string should have the endpoint name of your hybrid connection as the data source. Try replacing it.
I receive this error since this morning, new v12 updated server / Azure SQL Database:
TLS Handshake failed: x509: certificate is valid for
tr12.northcentralus1-a.worker.database.windows.net,
*.tr12.northcentralus1-a.worker.database.windows.net, not [server-name].database.windows.net
Locally I have no problem connecting to the Azure SQL database. On Azure Web App the connection cannot be established.
Same connection string as local - was working fine before v12 update.
I'm using this SQL driver github.com/denisenkom/go-mssqldb/
Any pointer, don't believe I should change the connection string? Why it's working on local and not on Azure web app.
Edit 1: Just tried to replace [server-name].database.windows.net with the tr12... but tcp connection cannot be established.
Edit 2: Here's the connection string if it can help, bottom line, why it's working locally, same driver package version, I'm building executable locally and deploying via FTP, so not using Kudo deployment for this app. Was working A1 until Azure auto-upgraded to v12.
Server=[server-name].database.windows.net;Port=1433;Database=[dbname];User
ID=[user];Password=[pass];Trusted_Connection=False;Encrypt=True;Connection
Timeout=30;
Should trusted connection be true? or Encryption false? Will try changing those to see....
Edit 3: I've look at the connection string from Azure portal, and v12 seems to have this new parameters: TrustServerCertificate=False but no chance, did not fixed the issue
Based on this closed issue I changed TrustServerCertificate from False to True and added this parameter hostNameInCertificate to the connection string and it is working now:
https://github.com/denisenkom/go-mssqldb/issues/55
TrustServerCertificate=True;hostNameInCertificate=*.database.windows.net;
Azure portal suggests to have TrustServerCertificate=False and no hostNameInCertificate.