Amit Banerjee, profile picture
Uploaded byAmit Banerjee
5,401 views

Securing SQL Server with TLS 1.2

The document discusses issues related to Microsoft SQL Server, specifically regarding TLS 1.2 updates and the required .NET framework updates for proper functionality. It highlights various connection errors and potential solutions for database connectivity, including registry modifications. The author, @banerjeeamit, is a senior program manager on the SQL Server team and has co-authored several professional SQL books.

Embed presentation

PS C:Users> whoami Known on Twitter as @banerjeeamit An affair with SQL Server for nearly a decade Sr. Program Manager on the Microsoft SQL Server (TIGER) product team Speaker at SQL PASS 24HOP TechEd Virtual TechDays User Groups SQL Saturdays SQLBITS Co-authored “Pro SQL Server on Microsoft Azure” Co-authored “Professional SQL Server 2012: Internals and Troubleshooting” Own TroubleshootingSQL.com Also found on http://aka.ms/sqlserverteam 2 @mssqltiger
No known vulnerabilities have been reported for the Microsoft TDS implementation. This is the communication protocol that's used between SQL Server clients and the SQL Server database engine.
SQL Server Tiger Team
SQL Server Tiger Team
SQL Server Tiger Team
SQL Server Tiger Team
SQL Server 2014 FCI or below Web servers • .NET Framework update to use TLS 1.2 with Database Mail • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
SQL Server 2014 FCI or below Web servers • Apply the .NET updates • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
SQL Server 2014 FCI or below Web servers • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
SQL Server Tiger Team The report server cannot open a connection to the report server database. A connection to the database is required for all requests and processing. (rsReportServerDatabaseUnavailable) KB3135244: SQL Server client updates have not been applied, namely .NET Framework updates are required so that older versions of ADO.NET can use TLS 1.2.
SQL Server Tiger Team Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 56. KB3135244: Database engine needs to be updated to support TLS 1.2 communications for Service Broker, Database Mirroring and Availability Groups
SQL Server Tiger Team Wait on the Database Engine recovery handle failed. Check the SQL Server error log for potential causes. A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: Named Pipes Provider, error: 0 - No process is on the other end of the pipe.) KB3135769: Apply the necessary .NET fixes and run SQL Server setup again.
SQL Server Tiger Team Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 58.' KB3137281: TLS 1.2 doesn't support MD5 as a signature hash algorithm. Switch to a non-MD5 signature hash for certificates that are used for SQL Server endpoint encryption.
SQL Server Tiger Team Agent Log: Microsoft.SqlServer.Management.SqlIMail.Server.Common.BaseException: Mail configuration information could not be read from the database. …. …. Unable to start mail session. KB3135244: .NET framework updates required to support TLS 1.2 for database mail need to be applied.
SQL Server Tiger Team Could not connect to server: A connection was successfully established to the server, but then an error occurred during the pre-login handshake Create the following registry key on the system that hosts the Reporting Services Configuration Manager: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHAN NELProtocolsTLS 1.2Client : REG_DWORD=Enabled, "Enabled"=dword:00000001
SQL Server Tiger Team
SQL Server Tiger Team https://github.com/amitmsft/MSSQLTIGERDemos http://spoke.at/TigerTLS https://blogs.msdn.microsoft.com/sqlreleaseservices/tls-1-2- support-for-sql-server-2008-2008-r2-2012-and-2014/ KB3135244
• Blog: • Aka.ms/sqlserverteam • www.troubleshootingsql.com • Twitter: • @banerjeeamit • @mssqltiger
Securing SQL Server with TLS 1.2

More Related Content

PDF
Introduction to Stream Processing
byGuido Schmutz
 
PDF
VTU internet of things(IOT) notes by Nithin,VVCE, Mysuru
byNithin Kumar,VVCE, Mysuru
 
PDF
Messaging in CQRS with MassTransit
byGeorge Tourkas
 
PPTX
RESTful Architecture
byKabir Baidya
 
PPTX
Awskrug AWS SNS, SQS, and SES
byJungHakLee4
 
PPTX
Introduction to Scala
byMohammad Hossein Rimaz
 
PPTX
Yaml
bySabarinath Gnanasekar
 
PDF
aggregation and indexing with suitable example using MongoDB.
bybhavesh lande
 
Introduction to Stream Processing
byGuido Schmutz
 
VTU internet of things(IOT) notes by Nithin,VVCE, Mysuru
byNithin Kumar,VVCE, Mysuru
 
Messaging in CQRS with MassTransit
byGeorge Tourkas
 
RESTful Architecture
byKabir Baidya
 
Awskrug AWS SNS, SQS, and SES
byJungHakLee4
 
Introduction to Scala
byMohammad Hossein Rimaz
 
Yaml
bySabarinath Gnanasekar
 
aggregation and indexing with suitable example using MongoDB.
bybhavesh lande
 

What's hot

PDF
Real Time Processing Using Twitter Heron by Karthik Ramasamy
byData Con LA
 
PDF
Introduction to Stream Processing
byGuido Schmutz
 
PPTX
difference between React and Next js
byumairfarooq73
 
PPTX
BI, Reporting and Analytics on Apache Cassandra
byVictor Coustenoble
 
PDF
CQRS and Event Sourcing in Action
byKnoldus Inc.
 
PPTX
Using Queryable State for Fun and Profit
byFlink Forward
 
PDF
Meet up roadmap cloudera 2020 - janeiro
byThiago Santiago
 
PDF
Spring boot introduction
byRasheed Waraich
 
PDF
SpringBoot 3 Observability
byKnoldus Inc.
 
PDF
Hive spark-s3acommitter-hbase-nfs
byYifeng Jiang
 
PPTX
Cloud of things (IoT + Cloud Computing)
byZakaria Hossain
 
PPTX
Log analysis using Logstash,ElasticSearch and Kibana
byAvinash Ramineni
 
PPT
9. Document Oriented Databases
byFabio Fumarola
 
PPTX
Axon Framework, Exploring CQRS and Event Sourcing Architecture
byAshutosh Jadhav
 
PDF
Introduction to JSON
byKanda Runapongsa Saikaew
 
PPTX
JSON: The Basics
byJeff Fox
 
PPT
JavaScript Object Notation (JSON)
byBOSS Webtech
 
PDF
Json
bykrishnapriya Tadepalli
 
PPTX
Json
bySabarinath Gnanasekar
 
PPTX
Json
byShyamala Prayaga
 
Real Time Processing Using Twitter Heron by Karthik Ramasamy
byData Con LA
 
Introduction to Stream Processing
byGuido Schmutz
 
difference between React and Next js
byumairfarooq73
 
BI, Reporting and Analytics on Apache Cassandra
byVictor Coustenoble
 
CQRS and Event Sourcing in Action
byKnoldus Inc.
 
Using Queryable State for Fun and Profit
byFlink Forward
 
Meet up roadmap cloudera 2020 - janeiro
byThiago Santiago
 
Spring boot introduction
byRasheed Waraich
 
SpringBoot 3 Observability
byKnoldus Inc.
 
Hive spark-s3acommitter-hbase-nfs
byYifeng Jiang
 
Cloud of things (IoT + Cloud Computing)
byZakaria Hossain
 
Log analysis using Logstash,ElasticSearch and Kibana
byAvinash Ramineni
 
9. Document Oriented Databases
byFabio Fumarola
 
Axon Framework, Exploring CQRS and Event Sourcing Architecture
byAshutosh Jadhav
 
Introduction to JSON
byKanda Runapongsa Saikaew
 
JSON: The Basics
byJeff Fox
 
JavaScript Object Notation (JSON)
byBOSS Webtech
 
Json
bykrishnapriya Tadepalli
 
Json
bySabarinath Gnanasekar
 
Json
byShyamala Prayaga
 

More from Amit Banerjee

PPTX
Troubleshooting common scenarios with Always On - A Dress Rehearsal
byAmit Banerjee
 
PPTX
The Roadmap for SQL Server 2019
byAmit Banerjee
 
PPTX
Enhancements to High Availability, Disaster Recovery and Replication
byAmit Banerjee
 
PPTX
Azure database services for PostgreSQL and MySQL
byAmit Banerjee
 
PPTX
Performance Demystified for SQL Server on Azure Virtual Machines
byAmit Banerjee
 
PPTX
Upgrade your SQL Server like a Ninja
byAmit Banerjee
 
PPTX
Debugging made easier with extended events
byAmit Banerjee
 
PPTX
SQL Saturday 511 - Troubleshooting made easier using extended events
byAmit Banerjee
 
PPTX
You, SQL Server and PowerShell
byAmit Banerjee
 
PPTX
Always On Availability Group Troubleshooting Ninja
byAmit Banerjee
 
PPTX
Slow query bring it on
byAmit Banerjee
 
PPTX
AlwaysOn Troubleshooting Improvements
byAmit Banerjee
 
PPT
System health session
byAmit Banerjee
 
PPSX
Provisioning Azure Virtual Machines to run SQL Server
byAmit Banerjee
 
PPTX
SQL PASS 2017 - Building one million predictions per second using SQL Server ...
byAmit Banerjee
 
PPTX
SQL Server Tips and Tricks - Power
byAmit Banerjee
 
PPTX
Building 1 million predictions per second using SQL-R
byAmit Banerjee
 
PPTX
SQL Server Scheduling Basics
byAmit Banerjee
 
PPSX
Backup enhancements with SQL Server 2014
byAmit Banerjee
 
PPTX
Troubleshooting SQL Server using Power Pivot and Power View
byAmit Banerjee
 
Troubleshooting common scenarios with Always On - A Dress Rehearsal
byAmit Banerjee
 
The Roadmap for SQL Server 2019
byAmit Banerjee
 
Enhancements to High Availability, Disaster Recovery and Replication
byAmit Banerjee
 
Azure database services for PostgreSQL and MySQL
byAmit Banerjee
 
Performance Demystified for SQL Server on Azure Virtual Machines
byAmit Banerjee
 
Upgrade your SQL Server like a Ninja
byAmit Banerjee
 
Debugging made easier with extended events
byAmit Banerjee
 
SQL Saturday 511 - Troubleshooting made easier using extended events
byAmit Banerjee
 
You, SQL Server and PowerShell
byAmit Banerjee
 
Always On Availability Group Troubleshooting Ninja
byAmit Banerjee
 
Slow query bring it on
byAmit Banerjee
 
AlwaysOn Troubleshooting Improvements
byAmit Banerjee
 
System health session
byAmit Banerjee
 
Provisioning Azure Virtual Machines to run SQL Server
byAmit Banerjee
 
SQL PASS 2017 - Building one million predictions per second using SQL Server ...
byAmit Banerjee
 
SQL Server Tips and Tricks - Power
byAmit Banerjee
 
Building 1 million predictions per second using SQL-R
byAmit Banerjee
 
SQL Server Scheduling Basics
byAmit Banerjee
 
Backup enhancements with SQL Server 2014
byAmit Banerjee
 
Troubleshooting SQL Server using Power Pivot and Power View
byAmit Banerjee
 

Recently uploaded

PDF
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
PDF
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
A "Kill Switch" (Emergency Off Switch) for AI?
byScott M. Graffius
 
PPTX
Webinar: EVerest for Production: Accelerating EV Charger Development w/ Indus...
byDanBrown980551
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PDF
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
PDF
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
PDF
P6 Presentation basics for project control managers and planners
byNebojsaPavlovic9
 
PPTX
Oracle SCM Cloud Solutions for Smart Supply Chain Management
byChetu
 
PDF
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
PPTX
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
PDF
SAP WalkMe Overview.pdf SAP WalkMe Overview.pdf
byMurniatiSimbolon2
 
PPTX
Basics-of-Electronics-and-Core-Components-of-IoT-Systems.pptx
byMuhammedNihal54
 
PPTX
Full course that Prymehat uploads for you
byOhenebaManu1
 
PDF
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
PDF
XonTel Plus IP-PBX Business Phone System
byXonTel Technology
 
PDF
KM World 2025 Enterprises, KM, & Agentic AI
byEnterprise Knowledge
 
PDF
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
PPTX
Why GEO Is the Next Big Shift in Content Marketing.pptx
bySambitParhi2
 
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
A "Kill Switch" (Emergency Off Switch) for AI?
byScott M. Graffius
 
Webinar: EVerest for Production: Accelerating EV Charger Development w/ Indus...
byDanBrown980551
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
P6 Presentation basics for project control managers and planners
byNebojsaPavlovic9
 
Oracle SCM Cloud Solutions for Smart Supply Chain Management
byChetu
 
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
SAP WalkMe Overview.pdf SAP WalkMe Overview.pdf
byMurniatiSimbolon2
 
Basics-of-Electronics-and-Core-Components-of-IoT-Systems.pptx
byMuhammedNihal54
 
Full course that Prymehat uploads for you
byOhenebaManu1
 
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
XonTel Plus IP-PBX Business Phone System
byXonTel Technology
 
KM World 2025 Enterprises, KM, & Agentic AI
byEnterprise Knowledge
 
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
Why GEO Is the Next Big Shift in Content Marketing.pptx
bySambitParhi2
 

Securing SQL Server with TLS 1.2

  • 2.
    PS C:Users> whoami Known onTwitter as @banerjeeamit An affair with SQL Server for nearly a decade Sr. Program Manager on the Microsoft SQL Server (TIGER) product team Speaker at SQL PASS 24HOP TechEd Virtual TechDays User Groups SQL Saturdays SQLBITS Co-authored “Pro SQL Server on Microsoft Azure” Co-authored “Professional SQL Server 2012: Internals and Troubleshooting” Own TroubleshootingSQL.com Also found on http://aka.ms/sqlserverteam 2 @mssqltiger
  • 3.
    No known vulnerabilitieshave been reported for the Microsoft TDS implementation. This is the communication protocol that's used between SQL Server clients and the SQL Server database engine.
  • 4.
  • 5.
  • 8.
  • 9.
  • 10.
    SQL Server 2014FCI or below Web servers • .NET Framework update to use TLS 1.2 with Database Mail • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
  • 11.
    SQL Server 2014FCI or below Web servers • Apply the .NET updates • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
  • 12.
    SQL Server 2014FCI or below Web servers • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
  • 13.
    SQL Server TigerTeam The report server cannot open a connection to the report server database. A connection to the database is required for all requests and processing. (rsReportServerDatabaseUnavailable) KB3135244: SQL Server client updates have not been applied, namely .NET Framework updates are required so that older versions of ADO.NET can use TLS 1.2.
  • 14.
    SQL Server TigerTeam Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 56. KB3135244: Database engine needs to be updated to support TLS 1.2 communications for Service Broker, Database Mirroring and Availability Groups
  • 15.
    SQL Server TigerTeam Wait on the Database Engine recovery handle failed. Check the SQL Server error log for potential causes. A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: Named Pipes Provider, error: 0 - No process is on the other end of the pipe.) KB3135769: Apply the necessary .NET fixes and run SQL Server setup again.
  • 16.
    SQL Server TigerTeam Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 58.' KB3137281: TLS 1.2 doesn't support MD5 as a signature hash algorithm. Switch to a non-MD5 signature hash for certificates that are used for SQL Server endpoint encryption.
  • 17.
    SQL Server TigerTeam Agent Log: Microsoft.SqlServer.Management.SqlIMail.Server.Common.BaseException: Mail configuration information could not be read from the database. …. …. Unable to start mail session. KB3135244: .NET framework updates required to support TLS 1.2 for database mail need to be applied.
  • 18.
    SQL Server TigerTeam Could not connect to server: A connection was successfully established to the server, but then an error occurred during the pre-login handshake Create the following registry key on the system that hosts the Reporting Services Configuration Manager: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHAN NELProtocolsTLS 1.2Client : REG_DWORD=Enabled, "Enabled"=dword:00000001
  • 19.
  • 20.
    SQL Server TigerTeam https://github.com/amitmsft/MSSQLTIGERDemos http://spoke.at/TigerTLS https://blogs.msdn.microsoft.com/sqlreleaseservices/tls-1-2- support-for-sql-server-2008-2008-r2-2012-and-2014/ KB3135244
  • 21.
    • Blog: • Aka.ms/sqlserverteam •www.troubleshootingsql.com • Twitter: • @banerjeeamit • @mssqltiger