Issue after Installing Recent Windows Update

neilredfernneilredfern Posts: 3
edited May 20, 2016 4:39AM in SQL Monitor Previous Versions
Hello,

Since installing the latest batch of Windows update have issue with the web interface connecting to the Base Monitor. The log files show the following error is occuring:

2016-05-18 17:06:41,125 [ 10] ERROR RedGate.Response.Common.Utilities.ErrorReporting.ErrorReporter - System.ComponentModel.Win32Exception (0x80004005): The client and server cannot communicate, because they do not possess a common algorithm
at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
at System.Net.Security.SecureChannel.AcquireServerCredentials(Byte[]& thumbPrint)
at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at RedGate.Response.Common.Networking.Server.RpcSynchronousTcpServer.HandleClientSession(Stream stream)
at RedGate.Response.Common.Networking.Server.AsynchronousSocketListener.RunWorker(Socket requestSocket)
at RedGate.Response.Common.Utilities.ThreadPools.PrioritizedThreadPool`1.ExecuteHighestPriorityUserWorkItem(TPriority originalPriority)
at RedGate.Response.Common.Utilities.ThreadPools.ErrorReportingThreadPool.<>c__DisplayClass6_0.<QueueUserWorkItem>b__0(Object )System.ComponentModel.Win32Exception (0x80004005): The client and server cannot communicate, because they do not possess a common algorithm
at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
at System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
at System.Net.Security.SecureChannel.AcquireServerCredentials(Byte[]& thumbPrint)
at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at RedGate.Response.Common.Networking.Server.RpcSynchronousTcpServer.HandleClientSession(Stream stream)
at RedGate.Response.Common.Networking.Server.AsynchronousSocketListener.RunWorker(Socket requestSocket)
at RedGate.Response.Common.Utilities.ThreadPools.PrioritizedThreadPool`1.ExecuteHighestPriorityUserWorkItem(TPriority originalPriority)
at RedGate.Response.Common.Utilities.ThreadPools.ErrorReportingThreadPool.<>c__DisplayClass6_0.<QueueUserWorkItem>b__0(Object )

Has anyone seen this before?

Thanks

Neil
Tagged:

Comments

  • Alex BAlex B Posts: 933 Diamond 3
    edited January 7, 2019 11:53AM
    *Edit to remove extra characters from registry key paths

    Hi Neil,

    This will be the result of either or both TLS 1.0 and SSLv3 having been disabled. Both the client and server TLS 1.0 and SSLv3 need to be enabled for the web service to be able to talk to the base monitor.

    These are all of the registry keys and their values for enabling both the client and server portions of SSL 3.0 and TLS 1.0:

    SSL 3.0: 
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 3.0Client  "Enabled"=dword:00000001 
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 3.0Server  "Enabled"=dword:00000001 TLS 1.0: 
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.0Client  "Enabled"=dword:00000001 
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.0Client  "DisabledByDefault"=dword:00000000 HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.0Server  "Enabled"=dword:00000001 
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.0Server  "DisabledByDefault"=dword:00000000

    We are aware that from a security point of view, we should no longer use TLS v1.0 and SSLv3 and instead we should use TLS 1.2. An internal issue has been created for this to be considered for a future version.

    Kind regards,
    Alex
    Product Support Engineer | Redgate Software

    Have you visited our Help Center?
  • Alex,

    Thanks for the update, that resolved the issue and a few other we have seen since the patching.

    Thanks

    Neil
  • Alex BAlex B Posts: 933 Diamond 3
    Hi Neil,

    Glad that got it sorted. Thanks for letting me know!

    Kind regards,
    Alex
    Product Support Engineer | Redgate Software

    Have you visited our Help Center?
Sign In or Register to comment.