cancel
Showing results for 
Search instead for 
Did you mean: 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results for 
Search instead for 
Did you mean: 

com.microsoft.sqlserver.jdbc.SQLServerException:The driver could not establish a secure connection to SQL Server by using SSL encr. Error: "Unexpected rethrowing"

Michael_Galli
Contributor III

Hi all,

there is a random error when pushing data from Databricks to a Azure SQL Database.

Anyone else also had this problem? Any ideas are appreciated.

See stacktrace attached.

Target: Azure SQL Database, Standard S6: 400 DTUs

Databricks Cluster config:

"spark_version": "9.1.x-scala2.12",

  "spark_conf": {

    "spark.driver.extraJavaOptions": "-Dlog4j2.formatMsgNoLookups=true",

    "spark.sql.session.timeZone": "UTC",

    "spark.driver.maxResultSize": "6g",

    "spark.executor.extraJavaOptions": "-Dlog4j2.formatMsgNoLookups=true",

    "spark.databricks.io.cache.enabled": "true"

  },

  "node_type_id": "Standard_E4ds_v4",

  "driver_node_type_id": "Standard_E8ds_v4",

1 ACCEPTED SOLUTION

Accepted Solutions

User16741082858
Contributor III

This is related to cipher algorithm config occasionally failing during the handshake. As an immediate workaround I'd recommend trying to update to the latest JDBC driver which has a newer JRE which has some TLS cipher suite config updates which might mitigate the issue ( cf https://java.com/en/configure_crypto.html#TLSCipherSuiteOrder ) and also set the TLS version explicitly to 1.1 in the connection string.

Here is the latest version - https://github.com/microsoft/mssql-jdbc/releases/tag/v10.2.0

View solution in original post

6 REPLIES 6

User16741082858
Contributor III

This is related to cipher algorithm config occasionally failing during the handshake. As an immediate workaround I'd recommend trying to update to the latest JDBC driver which has a newer JRE which has some TLS cipher suite config updates which might mitigate the issue ( cf https://java.com/en/configure_crypto.html#TLSCipherSuiteOrder ) and also set the TLS version explicitly to 1.1 in the connection string.

Here is the latest version - https://github.com/microsoft/mssql-jdbc/releases/tag/v10.2.0

Thx Pearl.. we already use mssql-jdbc 10.2.0 (from Maven library com.microsoft.azure:spark-mssql-connector_2.12:1.2.0)

Michael_Galli
Contributor III

@Pearl Ubaru​ 

TLS 1.1 is already deprecated.

Are there any concerns from your side to set TLS 1.2 in the connection string?

Hi @Michael Galli​. No there should be no concerns. What DBR version are you using?

@Pearl Ubaru​ DBR 9.1 LTS, because we are using com.microsoft.azure:spark-mssql-connector_2.12:1.2.0

Yes then you are fine. The DBR must be 8.4+ for TLS 1.2

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group