MSSQL Server TLS 1.2

backend Jun 25, 2022

My first job out of college was working on SQL Server Tiger team at Microsoft. We were responsible for fixing customer escalations from customer support for MSSQL Server. My biggest contribution here was adding TLS 1.2 support to all products. This meant both the server and our client drivers.

The hardest part of this project was adding support to 2008 and 2008 R2. Their networking code didn't support headers of various sizes and thus couldn't fit the TLS 1.2 header in the SQL Server protocol based on how we coded it (TDS). Without back-porting 8 years worth of netcode changes, I was able to work around the issue and allow our packets to compensate for the larger variable-length TLS headers.

I helped create knowledge bases and support articles for customers upgrading to TLS 1.2 which was a major requirement for banks to abide by to stay compliant.

You can check out the release page for this here: https://support.microsoft.com/en-us/topic/kb3135244-tls-1-2-support-for-microsoft-sql-server-e4472ef8-90a9-13c1-e4d8-44aad198cdbe

Tags