Is your feature request related to a problem? If so, please give a short summary of the problem and how the feature would resolve it
According to the Node JS tedious module documentation (https://www.npmjs.com/package/tedious), the tedious library currently only supports encryption up to TDS 7.4 for TLS v1.2 protocol. Therefore tedious currently cannot connect to SQL 2022/2025 when the "Force Strict Encryption" option is enabled, which requires TDS 8.0 to achieve TLS v1.3 protocol. Certain institutions are subject to security compliance requirements that require the higher level of security. Implementing TDS 8.0 for TLS v1.3 will allow the tedious module to be used for higher security requirement scenarios.
Describe the preferred solution
Enable support for the TLS v1.3 protocol with TDS 8.0, extending the "Encrypt" option to support "strict" mode, and the TDS version option to support TDS 8.0, and/or support for a TLS version option to support a TLS v1.3 method.
Describe alternatives you've considered
https://nodejs.org/docs/latest/api/tls.html#tlscreatesecurecontextoptions
tls.createSecureContext({ secureProtocol: "TLSv1_3_method" })
tls.createSecureContext({ minVersion: "TLSv1.3", maxVersion: "TLSv1.3" })
Additional context
Currently Node JS 22.18.0 with the mssql 9.3.2 and tedious 16.7.1 modules throws the following error when attempting to connect to SQL Server 2025 with the "Force Encryption" and "Force Strict Encryption" options enabled:
Connection String:
"Server=tcp:{ServerName},{Port};Database={DatabaseName};User ID={UserName};Password={Password};Encrypt=strict;CryptoProtocolVersion=TLSv1.3;TrustServerCertificate=true"
{
"code": "ESOCKET",
"originalError": {
"code": "ESOCKET"
},
"name": "ConnectionError",
"message": "Connection lost - socket hang up",
"stack": [
"ConnectionError: Connection lost - socket hang up",
" at .../node_modules/mssql/lib/tedious/connection-pool.js:85:17",
" at Connection.onError (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1017:9)",
" at Object.onceWrapper (node:events:634:26)",
" at Connection.emit (node:events:531:35)",
" at Connection.emit (node:domain:489:12)",
" at Connection.emit (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1040:18)",
" at Connection.socketError (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1399:12)",
" at Connection.socketEnd (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1415:12)",
" at Socket. (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1155:16)",
" at Socket.emit (node:events:531:35)"
]
}
Is your feature request related to a problem? If so, please give a short summary of the problem and how the feature would resolve it
According to the Node JS tedious module documentation (https://www.npmjs.com/package/tedious), the tedious library currently only supports encryption up to TDS 7.4 for TLS v1.2 protocol. Therefore tedious currently cannot connect to SQL 2022/2025 when the "Force Strict Encryption" option is enabled, which requires TDS 8.0 to achieve TLS v1.3 protocol. Certain institutions are subject to security compliance requirements that require the higher level of security. Implementing TDS 8.0 for TLS v1.3 will allow the tedious module to be used for higher security requirement scenarios.
Describe the preferred solution
Enable support for the TLS v1.3 protocol with TDS 8.0, extending the "Encrypt" option to support "strict" mode, and the TDS version option to support TDS 8.0, and/or support for a TLS version option to support a TLS v1.3 method.
Describe alternatives you've considered
https://nodejs.org/docs/latest/api/tls.html#tlscreatesecurecontextoptions
tls.createSecureContext({ secureProtocol: "TLSv1_3_method" })
tls.createSecureContext({ minVersion: "TLSv1.3", maxVersion: "TLSv1.3" })
Additional context
Currently Node JS 22.18.0 with the mssql 9.3.2 and tedious 16.7.1 modules throws the following error when attempting to connect to SQL Server 2025 with the "Force Encryption" and "Force Strict Encryption" options enabled:
Connection String:
"Server=tcp:{ServerName},{Port};Database={DatabaseName};User ID={UserName};Password={Password};Encrypt=strict;CryptoProtocolVersion=TLSv1.3;TrustServerCertificate=true"
{
"code": "ESOCKET",
"originalError": {
"code": "ESOCKET"
},
"name": "ConnectionError",
"message": "Connection lost - socket hang up",
"stack": [
"ConnectionError: Connection lost - socket hang up",
" at .../node_modules/mssql/lib/tedious/connection-pool.js:85:17",
" at Connection.onError (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1017:9)",
" at Object.onceWrapper (node:events:634:26)",
" at Connection.emit (node:events:531:35)",
" at Connection.emit (node:domain:489:12)",
" at Connection.emit (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1040:18)",
" at Connection.socketError (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1399:12)",
" at Connection.socketEnd (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1415:12)",
" at Socket. (.../node_modules/mssql/node_modules/tedious/lib/connection.js:1155:16)",
" at Socket.emit (node:events:531:35)"
]
}