Support for "Encryption Level" similar to the MSSQL Replication Agent option

[ikb42]

MS SQL has an option for replication agents to skip certificate verification - see "Encryption Level" (-EncryptionLevel):
References:
https://msdn.microsoft.com/en-us/library/ms151227.aspx
http://www.informit.com/articles/article.aspx?p=661373&seqNum=2

Is something like this supported or planned for Tedious?

[bretcope]

It's not planned, but if you want to submit a pull request, feel free.

[ikb42]

@bretcope I've spent a while looking at this but not getting very far. In my test I see that an encrypted connection is negotiated, but then the connection simply times out with "ETIMEOUT"?

[bretcope]

I, sadly, am not going to be much help since I've never really touched that part of the code. I would try to track down a working implementation or seek advice from people more familiar with the protocol. Perhaps someone else who has contributed to Tedious can also chime in.

[arthurschreiber]

I'm not sure what you're trying to do here.

Tedious already supports the encrypt option, which ensures an encrypted connection is openend to the SQL Server. This works most of the time, but we've seen multiple cases where this is not working correctly. It's really hard to debug, and without a fully reproducible case I can't help you a lot.

Also, can you try again with the latest tedious version? I made some tiny changes to the way encrypted connections are set up which might help with your issue.