Fortify SSC 20.1 Upgrade Database Connection Fail
Hi good day to everyone,
We were upgrading the Fortify SSC from version 19.2 to version 20.1, these are the steps we have done:
- Remove 19.20 WAR file from Tomcat
- Deploy 20.10 WAR file to Tomcat home
- Restart Tomcat
- Access Fortify SSC portal to continue configuration of 20.10 via web-based wizard
- Had sqljdbc_auth.dll downloaded
- Tomcat is running with the domain account we would like to use for the connection to the database
The configuration wizard stuck at Database Setup where test connection keep failing. Below is the JDBC URL we have set, as there's SQL Server installed and connected since in version 19.20.
This is the SSC error log:
2020-07-24 04:50:38,321 fe80:0:0:0:500f:70a2:b5f9:7e80%3 /ssc/init/datasource-test [ERROR] com.fortify.ssc.init.endpoints.AppInitDatabaseOperationsController - Database test connection error: Cannot create PoolableConnectionFactory (This driver is not configured for integrated authentication. ClientConnectionId:bc621ff3-41ed-4c61-be1e-d1e51166632f)
Appeciate if any expert here can assist further on this issue. Thank you very much!
What version of the sqljdb_auth.dll are you using? Starting with SSC 20.1.0 development decided to bundle the MSSQL JDBC driver with the ssc.war file and located in tomcat/webapps/ssc/WEB-INF/lib; however, they did not include the sqljdbc_auth.dll. The driver version bundled with SSC is 8.2.0. If you are wanting to use a newer version of the driver, you will need to perform the following:
1) Take the ssc.war file from the installation download
2) Using the Java Developer Tools remove the 8.2.0 JDBC bundled with the war file
3) (If it exists) Remove the ssc directory from the Tomcat\webapps directory
4) Replace the ssc.war file in the Tomcat\webapps directory with the ssc.war file generated from step 2
5) Add the latest MSSQL JDBC driver to the Tomcat\lib directory
6) Add the latest MSSQL JDBC auth dll to the C:\Windows\System32 (or the location you used to place it on the system path)
Thanks for your quick reply. I've done all have been suggested, unfortunately still getting the same error.
I am using JDBC driver version 8.2.2.
Appreciate if you can assist further. Thanks!
We can reproduce this error in the following instances:
1. There is a version mismatch between the dll's.
2. There is a mixture of versions.
3. Multiple versions found in the same instance.
Please verify these are not happening in your installation. If you continue experiencing an issue you may want to go ahead an open a ticket with support for further analysis.
Thanks again for your reply.
I’ve followed and verified, but it seems the error is still exist, now we are encountering fortify.home file is missing hence we couldn’t locate for the init token for the wizard initialization.
We have also reaching out to the support team but unfortunately it seems doesn’t help as well.
If you have a support ticket you feel is not making progress please follow the steps mentioned here https://community.microfocus.com/t5/Fortify-User-Discussions/What-to-do-if-I-have-concerns-about-a-case/td-p/2759986
I'm running into a similar situation.
I've had 19.1.0 installed for a bit without issue. However, attempting to upgrade to 20.1.0, I'm running into the same error message about "Connection Fail" when I am trying to authenticate to my SQL 2017 database which is running on a different server. Nothing has changed with our environment, beyond just trying to go from 19.1.0 to 20.1.0.
I did see what was mentioned above in this post, regarding not needing to download the JDBC driver as that is now packaged with the ssc file. I read the install guide for 20.1.0 and I see that there is a special notice under "new features" regarding not needing to get the JDBC driver if you are using SQL, however, it seems like the rest of the documentation wasn't changed from previous installations, so I have a few questions:
1.) If I am trying to use a domain account to authenticate to my remote SQL database, do I need to download JDBC Driver 8.2.0 (as mentioned above in this post as being included with the SSC), and copy the sqljdbc_auth.dll to somewhere such as C:\Windows\System32 as I had in my previous installation? If so, all I can find currently from Microsoft is 8.2.2, not 8.2.0.
2.) Is it also true that I no longer need to include the path to Microsoft JDBC driver on the Java tab in the classpath section for Tomcat?
3.) Is there something else I could potentially be missing? My authentication works if I use a local SQL account instead of a windows account, as long as I remove "integratedSecurity=true" from my jdbc url.
Sorry if my questions weren't clear, just trying to make sense of all of this.
I should note that I am also attempting to use Tomcat 9.37.0, I previously had Tomcat 9.35.0 without issue when I was running SSC 19.1.0.
The development team did not include the dll for domain auth. Based on this you will need to download the corresponding version of the dll and include it in your implementation.
If you continue to have issues, please open a support ticket for further investigation.
Is the version of the JDBC driver that the development team used version 8.2.0 or 8.2.2? As mentioned previously, when looking at Microsoft's site, the only currently available version is 8.2.2, the only other "previous" versions available all pre-date version 8.
When you say that I need to include it in my implementation, does that mean that I need to add it to the Tomcat classpath also, or can that be skipped?
Yes, it is 8.2.0 and it can be downloaded here https://github.com/microsoft/mssql-jdbc/releases
It does need to be installed according to Microsoft's instructions - https://docs.microsoft.com/en-us/sql/connect/jdbc/using-the-jdbc-driver?view=sql-server-ver15