ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Machine software unabel to connect to new SQL server

    IT Discussion
    sql server encryption connection string
    3
    9
    940
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch
      last edited by JaredBusch

      I have a client with a Fusion Arch CNC SawJet.

      The client has recently upgraded from Server 2003 and SQL 2005 to Server 2012 R2 and SQL 2014.

      Their LOB app connects to the new SQL database just fine.

      This CNC machine does not.
      0_1522258970514_9f941137-58a4-4e53-9fde-9f80837303bd-image.png

      This machine is running Windows XP

      Just looking at the list of Ciphers, I have a feeling that this is the problem.
      0_1522258829766_af896175-4ef3-4196-8c04-3c8506bb4f90-image.png

      My Google is failing me, but I cannot find where to determine what SQL Server supports for encryption on log in.

      1 Reply Last reply Reply Quote 5
      • JaredBuschJ
        JaredBusch
        last edited by

        I realize that IIS Crypto is for IIS and not SQL Server. But I also knew it would provide a comprehensive list of what the OS supported.

        momurdaM 1 Reply Last reply Reply Quote 1
        • s.hacklemanS
          s.hackleman
          last edited by

          Similar environment here, you may try altering the sql servers compatibility mode. I have seen seen that work on older manufacturing automation systems as an easy fix.

          1 Reply Last reply Reply Quote 0
          • JaredBuschJ
            JaredBusch
            last edited by JaredBusch

            Jsut found this in the registry. It was set to 1 by default. I changed to to 0.

            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000000
            1 Reply Last reply Reply Quote 2
            • JaredBuschJ
              JaredBusch
              last edited by

              Checking that key led me to this.

              https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs

              1 Reply Last reply Reply Quote 0
              • momurdaM
                momurda @JaredBusch
                last edited by

                @jaredbusch said in Machine software unabel to connect to new SQL server:

                Jsut found this in the registry. It was set to 1 by default. I changed to to 0.

                [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000000

                @jaredbusch This is the problem. That error is a handshake error means it cant negotiate.
                XP supports ssl 3.0
                SQL 2014 does as well, this shouldnt be a problem.
                Have you checked how the odbc settings on xp is connecting to the sql server?

                JaredBuschJ 1 Reply Last reply Reply Quote 1
                • JaredBuschJ
                  JaredBusch @momurda
                  last edited by

                  @momurda said in Machine software unabel to connect to new SQL server:

                  @jaredbusch said in Machine software unabel to connect to new SQL server:

                  Jsut found this in the registry. It was set to 1 by default. I changed to to 0.

                  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000000

                  @jaredbusch This is the problem. That error is a handshake error means it cant negotiate.

                  I know it is a handshake problem.

                  Have you checked how the odbc settings on xp is connecting to the sql server?

                  It is a .Net connection string. not an OBDC DSN. This connot be checked as it is part of the executable.

                  1 Reply Last reply Reply Quote 0
                  • JaredBuschJ
                    JaredBusch
                    last edited by

                    Just enabled SSL2.0 will see what that does. Nothing else was listed Disabled by defualt. but meh.

                    1 Reply Last reply Reply Quote 2
                    • momurdaM
                      momurda
                      last edited by

                      Do you have .net4 installed on this xp client?

                      1 Reply Last reply Reply Quote 0
                      • 1 / 1
                      • First post
                        Last post