Our application sometimes throws out this error:
System.Data.SqlClient.SqlException (0x80131904): A connection was
successfully established with the server, but then an error occurred
during the login process. (provider: SSL Provider, error: 0 - An
existing connection was forcibly closed by the remote host.) --->
System.ComponentModel.Win32Exception (10054): An existing connection
was forcibly closed by the remote host.
The application runs perfectly fine for some time, but just sometimes throws the exception above. Until now it is pretty hard to find the cause of this. Some say that it has to do with the amount of connections, but we have it set at zero and therefor it should be maximized at around 32k connections which we think we do not use.
EDIT: Seen the SSL provider is used and the client OS version is lower than the SQL server OS version I am thinking about the TLS version or cipher suite. I still cannot figure out why the same client is sometimes using a different/incompatible cipher suite or TLS version.
I had the same experience when my source os version was windows server 2016 and destination os was windows 2012, after windows update it happened, check windows recent updates.
Related
we have bought some new devices with Windows 11 pro and want to connect to our old voip server. He has a Microsoft SQL Server 2008R2 installed and we get this error on our self programme that trys a connection.
(provider: SSL Provider, error: 0 - An existing connection was forcibly closed by the remote host.)
But we don´t know why, because all other devices with Windows 10 have no problems at all. It is only on Windows 11. Now the funny part, we have installed a vm on our server with windows 11 (tweak needet for no tpm2.0 and CPU Support) but it runs. In this installation we have no problem to connect to the SQL Server.
So we have deactivated on the notebooks TPM. But that didn´t help.
Have anyone a hint?
Hello guys I'm struggling over here....
I'm unable to solve this problem no matter what I do.
I have two web servers both with IIS Management enabled, I run a build from my build server and then depending which environment it goes to the MS deploy URL changes but the command looks like this:
"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" -source:package='E:\data\teamcity\BuildAgent\work\d9f8b686a8037f97\webdeploy_UAT\BuildCode_UAT.zip' -dest:auto,computerName="https://SERVER.DOMAIN.LOCAL:8172/MsDeploy.axd",userName="\username",password="******",authtype="Basic",includeAcls="False" -verb:sync -disableLink:AppPoolExtension -disableLink:ContentExtension -disableLink:CertificateExtension -setParamFile:"E:\data\teamcity\BuildAgent\work\d9f8b686a8037f97\webdeploy_Review\BUILDCODE_UAT.SetParameters.xml" -allowUntrusted
I've also created a sample command in my testing as well that doesn't work to the production web server either:
"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" -verb:dump -source:iisapp="Default Web Site",computername=https://SERVER.DOMAIN.local:8172/,authType=NTLM -verbose -whatif -allowuntrusted
I understand this wouldn't actually do anything however, I would receive a different error than what I've been receiving:
Error: Could not complete the request to remote agent URL 'https://SERVER.DOMAIN.local:8172/'.
Error: The underlying connection was closed: An unexpected error occurred on a send.
Error: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
Error: An existing connection was forcibly closed by the remote host
Error count: 1.
These commands generate feedback upon executing them against my dev server, that server works properly and I'm still able to deploy.
This process has been setup and working for years, however; over the weekend my infrastructure team did install windows updates and then when come Monday morning, we were no longer able to deploy to that server.
What I've done:
Rolled back all of those updates
Restored the VM prior to installing the updates
Confirmed not network or firewall issue as I am able to telnet from the build server over port 8172 to the server in question...Also, I tried running the command on the server itself changing the URL to localhost and it still doesn't work
Rebooted
Ran a repair against .NET 4.7.2
Ran a repair against Web deploy 3.0
Regedits were in place to enable all TLS
Ran a powershell script to dump TLS settings to confirm that I wasn't reading the regedits incorrectly
Compared TLS settings with my dev server - all good
Added SchUseStrongCrypto regedits on my build server - no change
I'm unable to even receive any feedback other than "connection closed" When trying to hit the URL via a browser
So finally, I installed fiddler on my computer; setup my connection in Web management console to allow my IP and tried to hit the URL while in fiddler and this is what I receive:
HTTP/1.0 200 Connection Established
FiddlerGateway: Direct
StartTime: 13:30:10.019
Connection: close
fiddler.network.https> HTTPS handshake to SERVER.DOMAIN.local (for #21) failed. System.IO.IOException
Unable to read data from the transport connection: An existing connection was forcibly closed by the
remote host. < An existing connection was forcibly closed by the remote host
To me, that suggested something was wrong with the SSL cert, I created a new self signed cert in IIS and applied the certificate via management console, still doesn't work!!
Help me!!!! Thanks in advance!
I know that using the OLEDB Driver (MSOLEDBSQL) I can specify this with the Driver keyword as documented here.
Can this be done with the SQLNCLI driver?
MY ISSUE:
I see on the target machine that both version 10 and 11 are installed and we are getting the following error, that I suspect is due an disabling of tls1.1.
System.Data.SqlClient.SqlException: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.)
It looks like you can't.
I had the v10 version of the SQLNCLI driver uninstalled and everything seems to be working.
I am facing below error while connecting to the SQL Server on another server from a .NET application.
An exception has been raised that is likely due to a transient failure. If you are connecting to a SQL Azure database consider using SqlAzureExecutionStrategy. The underlying provider failed on Open. A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - An existing connection was forcibly closed by the remote host.)
SQL Server is running on Windows Server 2016 and the application is on Windows Server 2012.
Everything was fine before those security updates but after updates were installed and servers were restarted, I started getting those errors.
Any suggestions on how to resolve this?
You might want look to look at the following article at Microsoft: Applications experience "forcibly closed" TLS connection errors when connecting SQL Servers in Windows
I am running into the same issue and I applied the work around, I am still waiting for the results to confirm the solution. It started happening recently in our production environment, as this happens very randomly while connecting to hundreds of servers it is difficult to spot the issue. First we were reviewing network side for lost packets as we work between different data centers. As nothing strange came back from this investigation I stumbled upon the above article.
Update
I applied the workaround, the Group Policy on the local computer, basically followed the instructions of this Group Policy, enabled the policy, copied all cipher suits, removed the TLS_DHE* and applied it. After that restarted the server. The issue has been resolved.
I am using Simba ODBC driver (32-bit) to query data from Google Big Query using C#. I keep getting the below error one or two times per week. Please help as I am not sure how to resolve this error.
ERROR [HY000] [Simba][DriverSupport] (1160) Cannot enable SSL for the
connection when connecting to a server that has not enabled SSL. If
the server has SSL enabled, please check if it has been configured to
use a SSL protocol version that is lower than what is allowed for the
connection. The minimum SSL protocol version allowed for the
connection is: TLS 1.1.