php – SSL error 'dh key is too small', when connecting to SQL Server using ODBC 17 and Laravel on Centos 8-ThrowExceptions

Exception or error:

When the application tried to connect to the SQL Server database, it returns this error [Microsoft][ODBC Driver 17 for SQL Server]SSL Provider: [error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small]. The application uses Laravel as the framework and ODBC 17 to connect to the SQL Server database.

For context, since this seems like an SSL problem, the app is trying to connect to a database in a different server, and the application is connecting from a local domain. The server is using Centos 8 as the OS and uses OpenSSL. I have tried searching in the internet but what I found was answers to configure the OpenSSL ciphers, I do not know if that is a safe option.

Please if anyone has solved a problem like this, I need your help, thank you beforehand.

**Note: If further information regarding the conditions are needed please inform me.*

How to solve:

A colleague of mine helped me find an unusual fix for this problem, FYI this is not the proper way to fix this problem in production otherwise.

The application that I had to deploy apparently was connecting to a legacy database (Even though the database was a SQL Server 2016) and the crypto policies was not letting the application connect to the database. The dh key on the database was the one that is too small so we ran this and voila! The application is running.

sudo update-crypto-policies --set LEGACY

This command allows 1024 bit dh-keys to be allowed.

Don’t try this, I am using this in a development environment, please migrate your database to something safer.

This was our source:
https://yoku0825.blogspot.com/2019/12/centos-80url-error141a318assl.html

Leave a Reply

Your email address will not be published. Required fields are marked *