Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. IT Analytics Help
  3. Section IX. Data Protection
  4. Configuration for Commvault Simpana
  5. Upgrade troubleshooting: Microsoft SQL Server and Java 11

Upgrade troubleshooting: Microsoft SQL Server and Java 11

With the introduction of support for Java 11, older versions of MS SQL Server may encounter compatibility issues. The following section covers potential workarounds. Collection occurs from the Microsoft SQL Server database used by the system the data collector is collecting from. The version of Java used by IT Analytics disables some insecure TLS algorithms by default. If collection fails with the following error in the collector logs, the version of MS SQL Server may be incompatible and not allow collection using the TLS algorithms enabled by default with Java 11.

Failed to establish JDBC connection to: jdbc:jtds:sqlserver://...
java.sql.SQLException: Network error IOException: null
at net.sourceforge.jtds.jdbc.JtdsConnection.<init>
(JtdsConnection.java:437)
			

Upgrade MS SQL Server to the latest version to enable secure collection. Your MS SQL Server version may not be supported. If upgrade is not possible, a workaround can be attempted to restore compatibility. If the following steps do not resolve the issue, your version of MS SQL Server is not supported.

Use the following steps to modify the enabled algorithms to attempt communication with the data collector. Note that using this workaround will reduce the security of your collection. The default list of disabled algorithms is taken from Java 11.0.6 and may change in later versions.

  1. Edit <collector install dir>/java/conf/security/java.security.

  2. Search for jdk.tls.disabledAlgorithms.

  3. Copy the existing lines and comment (to have a backup for easy restore).

    #jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, 
    DH keySize < 1024, \
    #    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
    jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, 
    DH keySize < 1024, \
        EC keySize < 224, 3DES_EDE_CBC, anon, NULL
  4. One at a time, remove an algorithm from the jdk.tls.disabledAlgorithms and test the collection, starting at the last algorithm and working backward. Stop once you reach an algorithm containing 'keySize <'.

    • Remove one algorithm - for example NULL

      jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, 
      DH keySize < 1024, \
          EC keySize < 224, 3DES_EDE_CBC, anon
    • Save the file.

    • Run checkinstall and verify collection succeeds.

    • If checkinstall does not succeed, restore jdk.tls.disabledAlgorithms to its original state.

  5. Change to DH keySize<768 - for example.

    jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA,
    DH keySize < 768, \
    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
    • Save the file.

    • Run checkinstall and verify collection succeeds.

  6. If a working configuration is found, restart the collector service.

Feedback

Was this page helpful?
Previous

Prerequisites for adding Data Collectors (Commvault Simpana)

Next

Installation overview (Commvault Simpana)

Feedback

Was this page helpful?