Android: SQLConnection.open Android: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 35 - An internal exception was caught)

[thevirtualdj]

Description

On Windows System.Data.SQLClient (4.8.3) connection open works fine.
Same code on android throws an error:

{System.Data.SqlClient.SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 35 - An internal exception was caught)
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> Interop+AndroidCrypto+SslException: Exception of type 'Interop+AndroidCrypto+SslException' was thrown.
--- End of inner exception stack trace ---
Any ideas?
Like the sql server connection is forced to use SSL but on server side it is not (on windows works just fine).

Steps to Reproduce

1. Created New MAUI app
2. On button click used code from Class Library where Used System.Data.SQLClient (4.8.3)

Here is the code:

        string connectionString = @"Server=IPADRESS,PORT;Database=Transport;User Id=sa;Password=secretpass;Encrypt=False; TrustServerCertificate=true";
        string sql = "select Vozilo from VOZILA";
        string ret = "";
        SqlConnection Connection = new SqlConnection(connectionString);
        ConnectionState ps = Connection.State;
        var tbl = new DataTable();
        var cmd = new SqlDataAdapter(sql, Connection);
        cmd.SelectCommand.CommandTimeout = 0;
        try
        {
            if (ps != ConnectionState.Open)
                Connection.Open();
            cmd.Fill(tbl);
        }
        catch (DbException ex)
        {
            ret = ex.Message;
        }
        finally
        {
            cmd = default;
            if (ps == ConnectionState.Closed)
                Connection.Close();
        }
        if (tbl.Rows.Count > 0)
        {
            ret = tbl.Rows[0][0].ToString();
        }
        return ret;

Version with bug

Preview 10 (current)

Last version that worked well

Preview 10 (current)

Affected platforms

Android

Affected platform versions

Android 10

Did you find any workaround?

No

Relevant log output

{System.Data.SqlClient.SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 35 - An internal exception was caught)
 ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
 ---> Interop+AndroidCrypto+SslException: Exception of type 'Interop+AndroidCrypto+SslException' was thrown.
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.<ForceAuthenticationAsync>d__173`1[[System.Net.Security.SyncReadWriteAdapter, System.Net.Security, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]].MoveNext()
   at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
   at System.Data.SqlClient.SNI.SNITCPHandle.EnableSsl(UInt32 options)
   at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken)
   at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)
   at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)
   at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
   at System.Data.SqlClient.SqlConnection.Open()
   at ClassLibraryTest.TringSQL.GetStringFromDB() in C:\Users\Suvad\source\repos\MauiAppTest\ClassLibraryTest\TringSQL.cs:line 29
ClientConnectionId:9e5b0efd-b5e5-4d88-8ac7-7d160301b7b4}

[lulikin]

I think that this error is related.
HttpClientHandler ClientCertificates is null, And I cannot add to collection.

[antoniosmiljanic]

Experiencing the same issue as @thevirtualdj.

[DominicMaas]

Similar issue here but with Microsoft.Data.SqlClient v4.0.0 (Encrypt=False):

**Microsoft.Data.SqlClient.SqlException:** 'A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 35 - An internal exception was caught)'

[mono-rt] [ERROR] FATAL UNHANDLED EXCEPTION: Microsoft.Data.SqlClient.SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 35 - An internal exception was caught)
[mono-rt]  ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
[mono-rt]  ---> Interop+AndroidCrypto+SslException: Exception of type 'Interop+AndroidCrypto+SslException' was thrown.
[mono-rt]    --- End of inner exception stack trace ---
[mono-rt]    at System.Net.Security.SslStream.<ForceAuthenticationAsync>d__173`1[[System.Net.Security.SyncReadWriteAdapter, System.Net.Security, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]].MoveNext()
[mono-rt]    at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
[mono-rt]    at System.Net.Security.SslStream.Authentic12-16 09:29:38.044 F/mono-rt (28014):    at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
[mono-rt]    at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
[mono-rt]    at Microsoft.Data.SqlClient.SNI.SNITCPHandle.EnableSsl(UInt32 options) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs:line 587
[mono-rt]    at Microsoft.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnection.cs:line 616
[mono-rt]    at Microsoft.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsPar12-16 09:29:38.044 F/mono-rt (28014):    at Microsoft.Data.SqlClient.TdsParser.ConsumePreLoginHandshake(Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, Boolean& marsCapable, Boolean& fedAuthRequired) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs:line 929
[mono-rt]    at Microsoft.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, Boolean withFailover, SqlAuthenticationMethod authType) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs:line 475
[mono-rt]    at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerIn12-16 09:29:38.044 F/mono-rt (28014):    at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs:line 1875
[mono-rt]    at Microsoft.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs:line 1579
[mono-rt]    at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs:line 1427
[mono-rt]    at Microsoft.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken, DbConnectionPool pool) in /_/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs:line 519

I can also see this in the logs before the exception:

[System.err] java.lang.IllegalStateException: Handshake has already been started
[System.err] 	at com.android.org.conscrypt.ConscryptEngine.beginHandshakeInternal(ConscryptEngine.java:376)
[System.err] 	at com.android.org.conscrypt.ConscryptEngine.beginHandshake(ConscryptEngine.java:366)

[thevirtualdj]

Any progress on this issue? Using System.Data.SqlClient version 4.8.3

[lulikin]

MAUI preview12 same error. V V pet., 11. feb. 2022 ob 11:42 je oseba thevirtualdj < ***@***.***> napisala:

…

Any progress on this issue? Using System.Data.SqlClient version 4.8.3 — Reply to this email directly, view it on GitHub <#3522 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AJOAT7CYOYIGQTHAR2JBOW3U2TRXPANCNFSM5IS74Q7A> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>. You are receiving this because you commented.Message ID: ***@***.***>

[ninostursa]

Same.....

[stegl83]

I have the same problem and found out:

1. System.Data.SqlClient and Microsoft.Data.SqlClient (5.0.0-preview1.22069.1) have both the same problem.

2. there is a difference between cloud and installed servers

• connect to SqlServer in network -> error above
• connect to AzureSqlServer -> works!

Maybe someone find this information useful.
I suppose there is something in the default-configration of AzureSQL different ...

[Redth]

Please read the TLS Docs for Android (they apply to MAUI too).

[thevirtualdj]

OK, but where to set TLS 1.2 in android options (it does not exists in VS Preview 17.1)
Can find it in Xamarin but no option to set it on .NET MAUI. project properties.
https://docs.microsoft.com/en-us/xamarin/cross-platform/app-fundamentals/transport-layer-security?tabs=windows
Is there an option in VS somewhere (really got into it but cannot find it)?

And not only one for now.. Please advise.

https://docs.microsoft.com/en-us/answers/questions/658469/use-httpclient-in-maui.html

[Redth]

You will likely need to also consult the Android Network Security Config Docs if you are trying to create an exception to use a non-TLS connection to a server from within your app.