SQL Server 2012 and TLS 1.0 Compatibility Fixes

By Akbar

Few days ago, I have to disable TLS 1.0 on one of our Windows 2012 Server for PCI Compliance. This machine was also acting as Database server, and runs MS SQL Server 2012. After disabling the TLS 1.0 (using IISCrypto tool), I ran into SQL Server compatibility issues where first the SQL Server Service wouldn’t start, and once that issue was fixed, SQL Server Management Studio failed to connect with that SQL Server. Thanks to the RobWillis.info post, I was able to solve both of these issues.

I was hoping that this would be the end of story, but looking at the daily server logs, we found that one of C# Console application was throwing following error connecting with Server:

Unhandled Exception: System.Data.SqlClient.SqlException: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: Shared Memory Provider, error: 0 – No process is on the other end of the pipe.)

I knew this has to do something with TLS 1.0, and as this application was developed under .Net 3.5, so it was not able to utilize the TLS 1.2 support recently added to Microsoft .NET Framework 4.6. Fortunately, it’s quite easy to force application to run on a particular .Net version by modifying its configuration file. So, what fixed is the following new section in the Application configuration file:

1
 

And that worked flawlessly. You can read more about .Net framework runtime support options here.

I’m hoping I don’t run into any more TLS 1.0 compatibility issues. If I do, I will be posting the details here.

Tags: , ,