I'm working on establishing a connection to a database server without encryption, as TLS isn't supported by the database system. Currently, I'm using isql to validate the connection:
isql -v -k "Driver={Driver SQL Server};Server=mysql-server;Database=DATABASE;UID=user;PWD=pwd;"However, I encountered an issue with error code 0x2746, indicating the absence of TLS support. After researching online, it seems that reducing the SECLEVEL to 0 in /etc/ssl/openssl.cnf resolves the problem:
[system_default_sect]CipherString = DEFAULT@SECLEVEL=0After rebooting, the connection works fine. But setting the SECLEVEL to 0 system-wide isn't ideal for obvious reasons. Instead, I'd prefer a per-connection configuration. So, I attempted the following:
[system_default_sect]CipherString = DEFAULT@SECLEVEL=2[mysql-server]CipherString = DEFAULT@SECLEVEL=0However, this produces the same error as mentioned at the beginning of this post.Any insights or suggestions on achieving per-connection configuration without compromising system security would be greatly appreciated.
Thanks!