Sql provider ssl provider error 0

[{«Business Unit»:{«code»:»BU059″,»label»:»IBM Software w/o TPS»},»Product»:{«code»:»SS9S6B»,»label»:»IBM Cognos Controller»},»Component»:»»,»Platform»:[{«code»:»PF033″,»label»:»Windows»}],»Version»:»All Versions»,»Edition»:»»,»Line of Business»:{«code»:»LOB10″,»label»:»Data and AI»}}]

Posted by blakhani on November 14, 2014

This entry was posted on November 14, 2014 at 3:30 AM and is filed under Connectivity, Error.
Tagged: pre-login handshake, SQL, SSL Provider, The token supplied to the function is invalid. You can follow any responses to this entry through the RSS 2.0 feed.

You can leave a response, or trackback from your own site.

Sql provider ssl provider error 0

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Asked by:

Question

Cannot connect to xxxxx.

A connection was successfully established with the server, but then an error occurred during the login process.
(provider: SSL Provider, error: 0 — An existing connection was forcibly closed by the remote host.) (Microsoft SQL Server, Error: 10054)

For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=10054&LinkId=20476

An existing connection was forcibly closed by the remote host

Are you trying to connect the SQL instance using ssms and sqlcmd from your database server locally or from a remote server? Would you please confirm the following points first?

1. First check whether the server name or alias of SQL server is set correctly

2. Check whether TCP/IP protocol is enabled on the client side and SQL server side

3. Make local connection first to determine whether the problem is SQL server itself or the network layer

4. Check whether the SQL server Browser service of SQL server starts normally

5. Ping the IP address of the server where SQL server is installed to see if it works, and test whether the port number of SQL server listening is enabled

6. If step5 fails, check the firewall configuration to see whether the corresponding port number is opened in the firewall

7. Check whether the local connection and maximum connection Numbers are set correctly in the connection property of the database instance.

By the way, you need to check your SSL and TLS settings. The settings between the client and server should be somewhat consistent.

Источник

The certificate received from the remote server was issued by an untrusted certificate authority error when you connect to SQL Server

This article helps you resolve the problem that occurs when you try to make an encrypted connection to SQL Server.

Original product version: В SQL Server
Original KB number: В 2007728

Symptoms

When connecting to SQL Server, you may receive the following error message:

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 — The certificate chain was issued by an authority that is not trusted.) (.Net SqlClient Data Provider)

Additionally, the following error message is logged in the Windows System event log.

Cause

This error occurs when you try to make an encrypted connection to SQL Server using a non-verifiable certificate. This could happen in the following scenarios:

When establishing encrypted connections to SQL Server, Secure Channel (Schannel) creates the list of trusted certificate authorities by searching the Trusted Root Certification Authorities store on the local computer. During the TLS handshake, the server sends its public key certificate to the client. The issuer of a public key certificate is known as a Certificate Authority (CA). The client has to ensure that the certificate authority is one that the client trusts. This is achieved by knowing the public key of trusted CAs in advance. When Schannel detects a certificate that was issued by an untrusted certification authority, such as in the above two cases, you get the error message listed in the Symptoms section.

Resolution

If you intentionally use either a certificate from a non-trusted authority or a self-signed certificate to encrypt connections to SQL Server, you can use one of the following options:

For Scenario 1: Add the certificate authority to the Trusted Root Certification Authorities store on the client computer initiating encrypted connection. To do this, complete the Export the server certificate and Install the root certificate authority (CA) on the client machine procedures listed below in that sequence.

Export the server certificate

The example uses a file named caCert.cer as a certificate file. You must obtain this certificate file from the server. The following steps explain how to export the server certificate to a file:

Click Start and then Run, and type MMC. (MMC is an acronym for the Microsoft Management Console.)

In MMC, open the Certificates.

Expand Personal and then Certificates.

Right-click the server certificate, and then select All Tasks->Export.

Click Next to move past the welcome dialog box of the Certificate Export Wizard.

Confirm that No, do not export the private key is selected, and then click Next.

Make sure that either DER encoded binary X.509 (.CER) or Base-64 encoded X.509 (.CER) is selected, and then click Next.

Enter an export file name.

Click Next, and then click Finish to export the certificate.

Start the Certificates snap-in for MMC on the client computer and then add the Certificates snap-in.

In the Certificates snap-in dialog box, choose Computer account, and then choose Next.

In the Select Computer pane, choose Local computer: (the computer this console is running on), and then choose Finish.

Choose OK to close the Add or Remove Snap-ins dialog box.

In the left pane of MMC, expand the Certificates (Local Computer) node.

Expand the Trusted Root Certification Authorities node, right-click the Certificates subfolder, select All Tasks, and then choose Import.

In the Certificate Import Wizard, on the Welcome page, choose Next.

On the File to Import page, choose Browse.

Browse to the location of the caCert.cer certificate file, select the file, and then choose Open.

On the File to Import page, choose Next.

On the Certificate Store page, accept the default selection, and then choose Next.

On the Completing the Certificate Import Wizard page, choose Finish.

For scenarios 1 and 2: Set Trust Server Certificate setting to true in your client application.

For more information on how to do this, review the following topics:

If you are using SQL Server Management Studio, you can click on the Options tab, and check the box Trust Server certificate option in the Connection Properties tab.

Caution: SSL connections that are encrypted by using a self-signed certificate do not provide strong security. They are susceptible to man-in-the-middle attacks. You shouldn’t rely on SSL using self-signed certificates in a production environment or on servers that are connected to the Internet.

If the configuration discussed in the previous sections of this article is unintended, you can use one of the following options to resolve this problem:

Configure database engine to use encryption as per the procedure in Enable encrypted connections to the Database Engine.

If encryption is not required:

Disable encryption settings (if any) in your client application.

Disable server-side encryption using SQL Server Configuration manager. For more information on how to do this, review Configure Server.

Источник

Help: SQL Server

Sharing my knowlege about SQL Server Troubleshooting Skills

Blog Stats

Blogroll

Select GETDATE()

November 2014

Subscribe

Follow Blog via Email

Date provider: SSL Provider, error: 0 – The token supplied to the function is invalid ) (Microsoft SQL Server, Error: -2146893048)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=-2146893048&LinkId=20476
——————————
BUTTONS:
OK
——————————

Did basic troubleshooting as below

• Tested basic connectivity like ping, telnet etc. everything is working fine, except the connection to SQL engine from this machine.
• Error message says SSL but there was no certificate used in SQL Server.
• There was no certificate used.

Next major task is to find out what is the difference in both servers. So I asked him what were the things done on “bad” client. He said that he applied bunch on Windows updates. Looking at list I found one which talks about SSL.

http://support.microsoft.com/kb/2643584 (MS12-006: Vulnerability in SSL/TLS could allow information disclosure: January 10, 2012)

We check the machines and found that SendExtraRecord was 1 on “bad” client whereas other “good” clients it was 2.

Here were the steps taken to solve the issue. (taken from KB)

1. Click Start, click Run, type regedit in the Open box, and then click OK.
2. Locate and then click the following subkey in the registry:

In our case it was 1 and making it 2 fixed the issue and were were able to covert bad clients to good clients.

Источник

Sql provider ssl provider error 0

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Asked by:

Question

server: SQL Server 2016 13.0.5026.0

1. SSMS 12.0.2000.8

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 — An existing connection was forcibly closed by the remote host.) (Microsoft SQL Server, Error: 10054)

C:Program FilesMicrosoft SQL ServerClient SDKODBC110ToolsBinn>.sqlcmd -E -S serverinstance

Sqlcmd: Error: Microsoft ODBC Driver 11 for SQL Server : SSL Provider: An existing connection was forcibly closed by the remote host.
.
Sqlcmd: Error: Microsoft ODBC Driver 11 for SQL Server : Client unable to establish connection.

1) Are you trying to connect the SQL instance using ssms and sqlcmd from your database server locally or from a remote server?

2) Is browser service running on your DB server.

3) is firewall opened for the remote connection in your database server.

4) Is this a new installation or this issue has cropped up recently?

Regards;
Vivek Janakiraman
www.jbswiki.com

I’m getting this issue after installing KB4467697 with SQL Server 2014 SP2 CU 10:

“A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 – No process is on the other end of the pipe.) (.Net SqlClient Data Provider)
(Microsoft SQL Server, Error: 233)”

Uninstalling that patch, SQL connections is OK.

1) Are you trying to connect the SQL instance using ssms and sqlcmd from your database server locally or from a remote server? remote server

2) Is browser service running on your DB server. yes

3) is firewall opened for the remote connection in your database server. No

4) Is this a new installation or this issue has cropped up recently? the SQL Server 2016 is new installed

1) Are you trying to connect the SQL instance using ssms and sqlcmd from your database server locally or from a remote server? remote server

2) Is browser service running on your DB server. yes

3) is firewall opened for the remote connection in your database server. No

4) Is this a new installation or this issue has cropped up recently? the SQL Server 2016 is new installed

Try opening the port which SQLServer uses (by default its 1433 unless you changed it) in the firewall for inbound connections

I also have a doubt that since you use SSMS 12.0 which is earlier version one and you’re trying to connect to SQL 2016 it can even be TLS 1.2 related issue

I would suggest getting a recent version of SSMS (17.x) and try connecting to see if issue persists

Please Mark This As Answer if it solved your issue
Please Vote This As Helpful if it helps to solve your issue
Visakh
—————————-
My Wiki User Page
My MSDN Page
My Personal Blog
My Facebook Page

Источник