You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/connect/oledb/major-version-differences.md
+5-3Lines changed: 5 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@ title: "MSOLEDBSQL major version differences"
3
3
description: A description of the differences between the OLE DB Driver 19 for SQL Server and the OLE DB Driver for SQL Server
4
4
author: David-Engel
5
5
ms.author: davidengel
6
-
ms.date: "02/16/2022"
6
+
ms.date: 05/02/2025
7
7
ms.service: sql
8
8
ms.subservice: connectivity
9
9
ms.topic: "reference"
@@ -17,12 +17,14 @@ helpviewer_keywords:
17
17
18
18
## Encryption property changes
19
19
20
-
In the Microsoft OLE DB Driver 19 for SQL Server, there are a number of changes made to the encrypt property/connection string keyword.
20
+
In the Microsoft OLE DB Driver 19 for SQL Server, there are a number of changes made to the encrypt property/connection string keyword and certificate validation behavior.
21
21
22
22
First, the driver property `SSPROP_INIT_ENCRYPT` has been changed from a `VT_BOOL` to a `VT_BSTR`. The valid values of this property are `no`/`yes`/`true`/`false`/`Optional`/`Mandatory`/`Strict`. The valid values for the provider connection string keyword `Encrypt` have changed from `no`/`yes` to `no`/`yes`/`true`/`false`/`Optional`/`Mandatory`/`Strict`. Similarly, for the `IDataInitialize` connection string keyword `Use Encryption for Data`, the valid values have changed from `true`/`false` to `no`/`yes`/`true`/`false`/`Optional`/`Mandatory`/`Strict`. The `Optional` value is synonymous with the old `no`/`false` values and the `Mandatory` value is synonymous with the old `yes`/`true` values. `Strict` is a new value added in version 19.0.0 of the OLE DB Driver for SQL Server and encrypts `PRELOGIN` packets in addition to all other communication with the server. `Strict` encryption is only supported on SQL Server endpoints that support TDS 8.0, otherwise the driver will fail to connect. The OLE DB Driver 19 for SQL Server continues to support all legacy keyword values for backwards compatibility.
23
23
24
24
Second, the default value has changed from `no`/`false` to `Mandatory`. This change means that connections are encrypted by default. Previously, the driver would encrypt connections if explicitly set by the user and/or mandated by the SQL Server when the server side property `Force Encryption` was set to `yes`. To use old default behavior, include `Encrypt=Optional;` in the provider connection string, or `Use Encryption for Data=Optional;` in the `IDataInitialize` connection string.
25
25
26
+
Third, the `Trust Server Certificate` option has been disconnected from the `Encrypt`/`Use Encryption for Data` option. In previous versions, when `Encrypt` was `false` on the client, the `Trust Server Certificate` setting was always ignored, even if the server required encryption (the server-side `Force Encryption` setting). Starting with version 19, if encryption is negotiated on the connection by either the client or the server, the `Trust Server Certificate` setting is evaluated to determine whether the certificate should be validated by the client. This behavior change will cause version 19 clients that use default settings to fail to connect when the server forces encryption and uses an untrusted certificate (an insecure server configuration). Clients must change their `Trust Server Certificate` registry setting and connection option to connect to servers configured that way. For more information, see [Registry settings](features/registry-settings.md) and [Encryption and certificate validation](features/encryption-and-certificate-validation.md)
27
+
26
28
## Driver name changes
27
29
28
30
The new Microsoft OLE DB Driver 19 for SQL Server supports side by side installation with the older Microsoft OLE DB Driver for SQL Server. To be able to differentiate the drivers, the name was changed to include the major version number. To use the new driver in an application, the user must specify the new driver name. The new driver name, along with the corresponding CLSID, is specified in the updated `msoledbsql.h` header that must be included in the project. Connections through the `IDBInitialize` interface require no further changes since `MSOLEDBSQL_CLSID` will specify the CLSID of the OLE DB Driver 19 for SQL Server. Connections through the `IDataInitialize` interface must replace the value of the `Provider` keyword with `MSOLEDBSQL19` to use the Microsoft OLE DB Driver 19 for SQL Server. In graphical user interfaces such as data link properties or linked server setup in SSMS, "Microsoft OLE DB Driver 19 for SQL Server" must be selected from the list of installed providers.
@@ -35,4 +37,4 @@ The new Microsoft OLE DB Driver 19 for SQL Server supports side by side installa
35
37
[SQL Server Login Dialog Box (OLE DB)](help-topics/sql-server-login-dialog.md)
36
38
[Initialization and authorization properties (OLE DB driver)](ole-db-data-source-objects/initialization-and-authorization-properties.md)
0 commit comments