Some users have reported the following error at connect:
Message: The server selected protocol version TLS11 is not accepted by client preferences [TLS13, TLS12]
Starting in Java 11 (used by DbVisualizer 12+), TLSv1 and TLSv1.1 are outdated and disabled. For servers still require these versions, you need to re-enable these.
Option 1 - Create an overridden file (preferred)
First, open C:\Program Files\DbVisualizer\jre\conf\security\java.security (Windows) in a text editor and locate security.overridePropertiesFile. Set its value to true (this is usually the default value). Then, take the following steps:
- Create a file named enableLegacyTLS.security
- In that file, add an entry for jdk.tls.disabledAlgorithms with the same contents as the jdk.tls.disabledAlgorithms property in the java.security file
- Remove TLSv1 and/or TLSv1.1 from the list in the enableLegacyTLS.security file
- In DbVisualizer open Tools->Tool Properties and select the General tab. In Specify Overridden Java Properties here text box add a new row with:
- Click OK, restart, and then connect.
Option 2 - Update the Java installation
Update the java.security file that is included in the Java installation. For bundled Java this file is typically available in C:\Program Files\DbVisualizer\jre\conf\security\java.security in Windows.
Open the file in a text editor and locate jdk.tls.disabledAlgorithms:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
Remove TLSv1.1 from the list of algorithms:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, RC4, DES, MD5withRSA, \
Save the file and connect.
A better option than enabling outdated SSL versions is to ensure the server is using the latest recommended versions.