Solved: SQL Server Extension failing to connect to server

Troy · ‎24 Mar 2026

Using the Microsoft SQL Server extension we connected to several instances and was working flawlessly for quite some time,

Recently we are noticing 2012 servers are getting this error:

Cannot connect to database {server}\{instance}:{port}. Exception occurred: Can't create JDBC connection pool - "encrypt" property is set to "false" and "trustServerCertificate" property is set to "true" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: SQL Server did not return a response. The connection has been closed

This happened seemingly out of the blue - no changes made on our side or on the server itself. our config has the "Enable SSL" option disabled aswell.

Has anyone seen this error before and know the fix?

AntonPineiro · ‎25 Mar 2026

Hi,

Have you turn on some SSL flag in extension? Is need it? Can be switch off?

Best regards

❤️ Emacs ❤️ Vim ❤️ Bash ❤️ Perl

Troy · ‎25 Mar 2026

The "Enable SSL" Toggle in the extension config is turned off already and we never turned it on.

AntonPineiro · ‎25 Mar 2026

Hi,

I have just seen that error when SSL is enabled in extension and ActiveGate is not configured properly.

I would open a support ticket.

Best regards

❤️ Emacs ❤️ Vim ❤️ Bash ❤️ Perl

Troy · ‎26 Mar 2026

After a talk with support and rolling back an activegate as a test it seems to be an issue with Activegate version: 1.333.37 as rolling back solved the issue.

AntonioSousa · ‎30 Mar 2026

I have one case I just diagnosed where "Enable SSL" is toggled off, but nonetheless, the extension is forcing a TLS connection. Confirmed it through a network dump. What I see is that the SQL Server (in this case SQL Server 2014) is terminating a tentative TLS connection immediately:

@Mike_L , might there be something in 1.333 that forces SSL/TLS connections, despite not being told to do so? Ticket #621565

Antonio Sousa

AntonPineiro · ‎31 Mar 2026

Hi,

Not sure if SQL Server 2014 is supported base on this list.

Best regards

❤️ Emacs ❤️ Vim ❤️ Bash ❤️ Perl

AntonioSousa · ‎31 Mar 2026

@AntonPineiro ,

That shouldn't be an issue with extensions. After all, the WMI extension, for instance, is suggested to monitor servers or systems that are not supported by OneAgent...

Antonio Sousa

AntonioSousa · ‎06 Apr 2026

This hasn't been referenced here. The best reference for this issue is:
https://community.dynatrace.com/t5/Heads-up-from-Dynatrace/OpenJDK-17-0-18-change-in-Extension-Execu...

Antonio Sousa

tarjei · ‎24 Apr 2026

Has anyone gotten to the bottom of this issue?

AntonioSousa · ‎24 Apr 2026

@tarjei ,

Yes, it's a security issue. Dynatrace tries to connect, by default, using only modern ciphers/algorithms.

If you have older SQL Servers (I have managed to connect to 2005s), please follow the procedures referenced in https://community.dynatrace.com/t5/Heads-up-from-Dynatrace/Resolved-OpenJDK-17-0-18-change-in-Extens...

Antonio Sousa

tarjei · ‎30 Apr 2026

I tried to remove all of the tls.disabledaøgprithms but still doesn't work