Article ID: 826080
Article Last Modified on 11/2/2007
APPLIES TO
- Microsoft SQL Server 2000 Developer Edition
- Microsoft SQL Server 2000 Standard Edition
- Microsoft SQL Server 2000 Enterprise Edition
- Microsoft SQL Server 2000 Personal Edition
- Microsoft SQL Server 2000 Enterprise Edition
- Microsoft SQL Server 2000 Workgroup Edition
- Microsoft SQL Server 2000 Desktop Engine (Windows)
- Microsoft SQL Server 2000 Developer Edition
- Microsoft SQL Server 2000 Enterprise Edition 64-bit
Bug #: 470049 (SHILOH_BUGS)
SYMPTOMS
In Microsoft SQL Server 2000, you can enable protocol encryption for all clients or for individual clients. The Force Protocol Encryption Server Network Utility option forces all incoming connections to be encrypted.
To implement protocol encryption, the driver must access the Secure Sockets Layer (SSL) protocol. Specifically, protocol encryption uses SSL application programming interfaces (APIs) that are implemented in Microsoft Windows NT. However, a problem occurs with Type 4 JDBC drivers because they are not permitted to directly call system DLLs. There is no library in Java 1.4 or earlier that emulates the protocol encryption behavior of SSL from Windows NT. If you do not apply this fix or SQL Server 2000 Service Pack 4 (SP4), SQL Server silently accepts connections from JDBC. This gives the false impression that the connections are actually encrypted. If the Force Protocol encryption option is turned on on the server side after you apply the fix, JDBC clients trying to connect to SQL server will not connect. This problem occurs because the current versions of JDBC drivers from Microsoft do not support SSL connections.
RESOLUTION
Service pack information
To resolve this problem, obtain the latest service pack for SQL Server 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
290211 How to obtain the latest SQL Server 2000 service pack
Hotfix information
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Date Time Version Size File name ---------------------------------------------------------------------- 31-May-2003 18:45 2000.80.818.0 78,400 Console.exe 25-Jun-2003 01:01 2000.80.818.0 33,340 Dbmslpcn.dll 25-Apr-2003 02:12 786,432 Distmdl.ldf 25-Apr-2003 02:12 2,359,296 Distmdl.mdf 30-Jan-2003 01:55 180 Drop_repl_hotfix.sql 23-Jun-2003 22:40 2000.80.837.0 1,557,052 Dtsui.dll 23-Jun-2003 22:40 2000.80.837.0 639,552 Dtswiz.dll 24-Apr-2003 02:51 747,927 Instdist.sql 03-May-2003 01:56 1,581 Inst_repl_hotfix.sql 08-Feb-2003 06:40 2000.80.765.0 90,692 Msgprox.dll 01-Apr-2003 02:07 1,873 Odsole.sql 05-Apr-2003 01:46 2000.80.800.0 62,024 Odsole70.dll 07-May-2003 20:41 2000.80.819.0 25,144 Opends60.dll 07-May-2003 18:47 132,096 Opends60.pdb 02-Apr-2003 21:48 2000.80.796.0 57,904 Osql.exe 02-Apr-2003 23:15 2000.80.797.0 279,104 Pfutil80.dll 22-May-2003 22:57 19,195 Qfe469571.sql 11-Jul-2003 17:04 1,084,147 Replmerg.sql 04-Apr-2003 21:53 2000.80.798.0 221,768 Replprov.dll 08-Feb-2003 06:40 2000.80.765.0 307,784 Replrec.dll 11-Jul-2003 16:56 1,085,925 Replsys.sql 01-Jun-2003 01:01 2000.80.818.0 492,096 Semobj.dll 31-May-2003 18:27 2000.80.818.0 172,032 Semobj.rll 29-May-2003 00:29 115,944 Sp3_serv_uni.sql 01-Jun-2003 01:01 2000.80.818.0 4,215,360 Sqldmo.dll 07-Apr-2003 17:44 25,172 Sqldumper.exe 19-Mar-2003 18:20 2000.80.789.0 28,672 Sqlevn70.rll 02-Jul-2003 00:18 2000.80.834.0 180,736 Sqlmap70.dll 08-Feb-2003 06:40 2000.80.765.0 57,920 Sqlrepss.dll 24-Jul-2003 02:19 2000.80.844.0 7,553,105 Sqlservr.exe 24-Jul-2003 02:19 12,755,968 Sqlservr.pdb 08-Feb-2003 06:40 2000.80.765.0 45,644 Sqlvdi.dll 25-Jun-2003 01:01 2000.80.818.0 33,340 Ssmslpcn.dll 01-Jun-2003 01:01 2000.80.818.0 82,492 Ssnetlib.dll 01-Jun-2003 01:01 2000.80.818.0 25,148 Ssnmpn70.dll 01-Jun-2003 01:01 2000.80.818.0 158,240 Svrnetcn.dll 31-May-2003 18:59 2000.80.818.0 76,416 Svrnetcn.exe 30-Apr-2003 23:52 2000.80.816.0 45,132 Ums.dll 30-Apr-2003 23:52 132,096 Ums.pdb 02-Jul-2003 00:19 2000.80.834.0 98,816 Xpweb70.dll
Note Because of file dependencies, the most recent hotfix or feature that contains these files may also contain additional files.
The following JDBC drivers do not support the SSL connection:
- SQL Server 2000 JDBC Driver
- SQL Server 2005 JDBC Driver 1.0
- SQL Server 2005 JDBC Driver 1.1
After you apply this hotfix, you must use third-party JDBC drivers to connect to the instance of SQL Server 2000 if the following conditions are true.
Note The third-party JDBD drivers that you use must support the SSL connection.
- The instance of SQL Server requires encrypted connections.
- You enabled the Force Protocol Encryption option in the instance.
- You use one of the JDBC drivers in the previous list.
WORKAROUND
If your JDBC application requires protocol encryption in SQL Server 2000, you must use another method of encryption, such as Internet Protocol security (IPSec), or use a suitable SSL-enabled Type 3 JDBC driver.
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in SQL Server 2000 Service Pack 4.
MORE INFORMATION
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
276553 How to enable SSL encryption for SQL Server 2000 with Certificate Server
257591 Description of the Secure Sockets Layer (SSL) handshake
316898 How to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console
324777 Support WebCast: Microsoft SQL Server 2000: How to configure SSL encryption
318605 How SQL Server uses a certificate when the Force Protocol Encryption option is turned on
Keywords: kbbug kbfix kbqfe kbsqlserv2000presp4fix kbhotfixserver KB826080