Tech

Connecting to AWS RDS SQL Server (MSSQL) from Windows 7

Troubleshooting guide for connection failures to MS SQL (SQL Server) 2019 from Windows 7

Due to various circumstances, I ended up running the expensive SQL Server on RDS. While it was working perfectly on Windows 10 and 11 via DBeaver and SSMS, a connection issue occurred specifically on SSMS installed on an older Windows 7 machine.

I confirmed that the RDS firewall was open, and the port (25441) was reachable via telnet from Windows 7. Thinking the custom port might be the issue, I reverted it to default, but the connection still failed. The error message was as follows:

**Connect to Server** Cannot connect to xxxxxxxxxxxxx.rds.amazonaws.com, 25441`.

Additional Information:

  • A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - An existing connection was forcibly closed by the remote host.)

  • (Microsoft SQL Server, Error: 10054)

  • An existing connection was forcibly closed by the remote host.`

I consulted my friends, GPT and Gemini. Beyond general advice, the main suggestion was to set the value of rds.force_ssl to 0 in the Option Group.

I changed that setting (I won’t detail the process here) and attempted to connect after a reboot, but it still failed! However, looking at the error message, the problem clearly stemmed from an SSL connection issue. While searching through various settings, I found the key parameters: rds.tls10, rds.tls11, and rds.tls12.

rds.tls12 was non-modifiable. Since Windows 7 is an older version, it seemed necessary to allow older standards, yet the default settings were applied. So, I changed the modifiable parameters rds.tls10 and rds.tls11 to enabled and rebooted!

And finally, the connection was successful!

It feels great to solve a long-standing challenge. I hope this helps others facing the same issue.

Summary: If you cannot connect to an MS SQL 2019 (SQL Server 2019) database from Windows 7, it is likely because TLS 1.1 and TLS 1.0 connections are blocked by the SQL Server. To allow them, change the values of rds.tls10 and rds.tls11 to enabled in the “Parameter Group” and then reboot!

Thank you.

© 2020 - 2026 Hope Land
Built with Hugo
Theme Stack designed by Jimmy