We have been having a problem where the cluster controller
does not get a response from the SQL Server from the "are
you alive" request ( select @.@.SERVERNAME ). It seems that
the SQL server does not respond within a couple of minutes
and the request times out.
The Cluster controller then closes down the SQL server
thinking it has failed and tries to restart it.
Has anyone got any means to increase the timeout time, or
reason why SQL Server is not responding ( p.s. it does not
seem to be that busy )
When does this happen? Is it intermittent or do you have a pattern?
What type of activities are taking place at that time?
IsAlive happens every 60 sec by default. It can be changed to a higher value by going to the properties of the SQL Server resource. Instead of increasing the time for IsAlive checks, its important to find what is going
on when you see this behavior?
Best Regards,
Uttam Parui
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
Are you secure? For information about the Strategic Technology Protection Program and to order your FREE Security Tool Kit, please visit http://www.microsoft.com/security.
Microsoft highly recommends that users with Internet access update their Microsoft software to better protect against viruses and security vulnerabilities. The easiest way to do this is to visit the following websites:
http://www.microsoft.com/protect
http://www.microsoft.com/security/guidance/default.mspx
|||Not a real pattern but suggestion is that it happens when
the backups are in progress, but not every time.
ie the backups happen every night at 3pm but only once a
month.
What I'd like to do is tell the cluster controller to wait
longer before assuming the database is down.
The application is not cluster aware and a failover
requires that we relog in the overnight batch
applications. But it does mean the service is available
for the online users in the morning.
|||I have seen something like this when an Anti-Virus scanner is running on the
backup target server. It is something to check.
Geoff N. Hiten
Microsoft SQL Server MVP
Senior Database Administrator
Careerbuilder.com
I support the Professional Association for SQL Server
www.sqlpass.org
"David" <daldlay@.hotmail.com> wrote in message
news:35e801c4a53c$55a60160$a301280a@.phx.gbl...
> Not a real pattern but suggestion is that it happens when
> the backups are in progress, but not every time.
> ie the backups happen every night at 3pm but only once a
> month.
> What I'd like to do is tell the cluster controller to wait
> longer before assuming the database is down.
> The application is not cluster aware and a failover
> requires that we relog in the overnight batch
> applications. But it does mean the service is available
> for the online users in the morning.
|||"David" <daldlay@.hotmail.com> wrote in message
news:35e801c4a53c$55a60160$a301280a@.phx.gbl...
> Not a real pattern but suggestion is that it happens when
> the backups are in progress, but not every time.
> ie the backups happen every night at 3pm but only once a
> month.
Are backups going over the same wire that the heartbeat is using?
> What I'd like to do is tell the cluster controller to wait
> longer before assuming the database is down.
> The application is not cluster aware and a failover
> requires that we relog in the overnight batch
> applications. But it does mean the service is available
> for the online users in the morning.
Showing posts with label response. Show all posts
Showing posts with label response. Show all posts
Sunday, March 25, 2012
Saturday, February 25, 2012
Client-side problem with mirroring
Hi!
I posted this on the adonet forum but didn't get any response so I might as well post it here. Hope anyone can help me.
-
I have set up mirroring and trying to get it to work from my .NET
application. Mirroring seems to work ok.
When I do a manual failover the witness is updated properly in the
sys.database_mirroring_witnesses table so it seems to be configured
correctly. I also can shutdown the master database and the mirror takes over.
My application is configured with Server set to my master database and
FailOverPartner to my mirror database.
If I am connected to the master database and do a manual fail-over all my
attempts to communicate with the database fail with an exception, even after
repeated retries.
(System.Data.SqlClient.SqlException: A transport-level error has occurred
when sending the request to the server. (provider: TCP Provider, error: 0 -
An existing connection was forcibly closed by the remote host.).)
If I do a manual fail-over and restart my application it connects to the
mirror database and everything is working. If I now do a manual fail-over I
get the same exception, but after a few retries it connects to the master
database.
The field Connection.Datasource always shows the master database regardless
if it's connected to the mirror.
What am I doing wrong? Is this how it's supposed to work?
-
I have been pulling my hair over this problem and I just can't get it to work.
I'm using SQL Server Authentication to access the database and I can connect
to the master when it's acting as principal and I can connect to the mirror
when it's acting as principal, but when doing a fail-over, manual or shutting
down the master server it never tries to connect automatically to the mirror
even if it's changed role to principal.
Do the client need access to the witness in any way?
I'm using version 2.0.50727 of System.Data.dll.
I'm wondering if when you say "master database", you are refering to the system database called master or the principal database. It isn't clear. So I am going to assume that you mean "principal" database when you say "master" database, but your comments are very confusing. Also remember that Principal and Mirror are roles, it is better to state Server A and Server B and the role they are currently in. Also, when you say master database, everyone in the world thinks you are refering to the system database called "master," which cannot be mirrored. We'll get it figured out. :)
"My application is configured with Server set to my master database and
FailOverPartner to my mirror database."
You mean Server set to Server A and Failover_Partner is set to Server B, correct? You should not be putting database names in where there should be server names...
"Do the client need access to the witness in any way?"
No.
"I'm using version 2.0.50727 of System.Data.dll."
Can you verify that you are using the same System.data.dll as in this KB? http://support.microsoft.com/kb/912151/
"but after a few retries it connects to the master
database."
By retries, do you mean that the application is processing the network error and issues a reconnect?
Thanks,
Mark
Friday, February 24, 2012
client-requested SSL encryption errors
I did not get any useful response the last time I posted this, so now I'm
posting a more detailed version of the question.
We are having difficulty getting client-requested SSL encryption to work
with SQL Server 2000 Enterprise SP4.
Using "Force All Clients to Use SSL" is not an option for us. We need to be
able to have certain clients (extranet)use encryption without forcing other
clients (intranet) to also use encryption. Hence, we need to know how to
make "Force Protocol Encryption" work from the Client Network Utility with
SQL Query Analyzer.
Ultimately, our goal is to enable encryption in certain connection requests
from custom client applications we are writing. However, we will be happy
for now if we can at least get it working from a standard MS tool as
described in the SQL Server documentation and KB articles.
Has anyone else managed to make client-requested encryption work without
using a commercial CA? For that matter, has anyone suceeded in making it
work *with* a commercial CA?
When I connect using SQL Query Analyzer without Force Protocol Encryption in
the Client Network Utility, everything works fine. When I select Force
Protocol Encryption, then I get the following error:
====
unable to connect to server
server: msg 18, level 16, state 1
[microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
====
The server is running Windows Server 2003 Enterprise SP1. As mentioned
earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
The Server Authentication certificate is installed correctly on the SQL
Server 2000 machine. It was generated by Microsoft Certificate Services
configured as a stand-alone root CA. The certificate chain is OK according
to MMC snap-in and works fine with no warnings for HTTPS connections to IIS,
so I don't see how the certificate could be malformed. There definitely is
only one certificate installed on the server (at least according to the MMC
snap-in for Certificates). The Root CA chain is installed on the client and
is OK according to MMC. This seems to be validated by the fact that IE
doesn't give any warnings when making an HTTPS connection to the server
(i.e., it recognizes the certificate chain as a trusted source).
I've read every KB article I can find on the subject, followed all the
instructions with meticulous care, and reinstalled everything from scratch
twice already (including the CA, thus generating a new root certificate and
new server authentication certificate). The client still fails to connect
whenever I force client encryption (it's not feasible for us to set force
encryption on the server).
I've even tried creating various aliases for the server in the Client
Network Utility, as suggested in one KB article, but that doesn't seem to
help either.
Perhaps I'm overlooking something really obvious, but I'm seriously
beginning to doubt whether SQL Server really supports client-initiated SSL
connections at all. Has anyone else gotten this to work? If so, what was the
trick to making it work?
Any suggestions would be greatly appreciated.
Hello Aubrey,
I don't think you need a commercial certfiicate to do this.
If you want to enable Force Protocol Encryption on the client, you must
have a certificate on the server and the client must have the Trusted Root
Authority updated to trust the server certificate. You can install your own
CA and get certficate from it on the server, and install root CA
certificate on the client.
You may have reviewed the following articles but the steps to enable SSL
from client are verified to work properly.
316898 How to enable SSL encryption for SQL Server 2000 with Microsoft
http://support.microsoft.com/?id=316898
316779 PRB: Clients with Force Protocol Encryption Set On May Fail to
Connect
http://support.microsoft.com/?id=316779
276553 How to enable SSL encryption for SQL Server 2000 with Certificate
Server
http://support.microsoft.com/?id=276553
Also, to make sure the certificate installed on the SQL server is correct,
we suggest that you enable "Force Protocol Encryption" temporarily and
disable "Force Protocol Encryption" on client to test the situation. If it
works under this situation, the server certificate itself has no issues.
Note: EVEN IF YOU ARE ENABLING FORCE PROTOCOL ENCRYPTION ON THE CLIENT SIDE
ONLY, YOU STILL NEED TO RESTART SQL SERVER FOR THE CERTIFICATE TO BECOME
EFFECTIVE AND USED BY SQL SERVER.
If "Force Protocol Encryption" on server does not work, please check the
certificate property to make sure it is for FQDN for the SQL server.
839617 BUG: You cannot connect to an instance of SQL Server on a server
http://support.microsoft.com/?id=839617
You may want to check if the issue occurs on different client computers to
isolate the issue.
Best Regards,
Peter Yang
MCSE2000/2003, MCSA, MCDBA
Microsoft Online Partner Support
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
================================================== ===
This posting is provided "AS IS" with no warranties, and confers no rights.
| From: "Aubrey McAuley" <winaix@.nospam.nospam>
| Subject: client-requested SSL encryption errors
| Date: Wed, 27 Jul 2005 16:10:49 -0500
| Lines: 65
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#Gi#t#ukFHA.2852@.TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.sqlserver.server
| NNTP-Posting-Host: rrcs-67-79-5-147.sw.biz.rr.com 67.79.5.147
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP15.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.sqlserver.server:64999
| X-Tomcat-NG: microsoft.public.sqlserver.server
|
| I did not get any useful response the last time I posted this, so now I'm
| posting a more detailed version of the question.
|
| We are having difficulty getting client-requested SSL encryption to work
| with SQL Server 2000 Enterprise SP4.
|
| Using "Force All Clients to Use SSL" is not an option for us. We need to
be
| able to have certain clients (extranet)use encryption without forcing
other
| clients (intranet) to also use encryption. Hence, we need to know how to
| make "Force Protocol Encryption" work from the Client Network Utility
with
| SQL Query Analyzer.
|
| Ultimately, our goal is to enable encryption in certain connection
requests
| from custom client applications we are writing. However, we will be happy
| for now if we can at least get it working from a standard MS tool as
| described in the SQL Server documentation and KB articles.
|
| Has anyone else managed to make client-requested encryption work without
| using a commercial CA? For that matter, has anyone suceeded in making it
| work *with* a commercial CA?
|
| When I connect using SQL Query Analyzer without Force Protocol Encryption
in
| the Client Network Utility, everything works fine. When I select Force
| Protocol Encryption, then I get the following error:
|
| ====
| unable to connect to server
| server: msg 18, level 16, state 1
| [microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
|
| ====
|
| The server is running Windows Server 2003 Enterprise SP1. As mentioned
| earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
|
| The Server Authentication certificate is installed correctly on the SQL
| Server 2000 machine. It was generated by Microsoft Certificate Services
| configured as a stand-alone root CA. The certificate chain is OK
according
| to MMC snap-in and works fine with no warnings for HTTPS connections to
IIS,
| so I don't see how the certificate could be malformed. There definitely
is
| only one certificate installed on the server (at least according to the
MMC
| snap-in for Certificates). The Root CA chain is installed on the client
and
| is OK according to MMC. This seems to be validated by the fact that IE
| doesn't give any warnings when making an HTTPS connection to the server
| (i.e., it recognizes the certificate chain as a trusted source).
|
| I've read every KB article I can find on the subject, followed all the
| instructions with meticulous care, and reinstalled everything from
scratch
| twice already (including the CA, thus generating a new root certificate
and
| new server authentication certificate). The client still fails to connect
| whenever I force client encryption (it's not feasible for us to set force
| encryption on the server).
|
| I've even tried creating various aliases for the server in the Client
| Network Utility, as suggested in one KB article, but that doesn't seem to
| help either.
|
| Perhaps I'm overlooking something really obvious, but I'm seriously
| beginning to doubt whether SQL Server really supports client-initiated
SSL
| connections at all. Has anyone else gotten this to work? If so, what was
the
| trick to making it work?
|
| Any suggestions would be greatly appreciated.
|
|
|
posting a more detailed version of the question.
We are having difficulty getting client-requested SSL encryption to work
with SQL Server 2000 Enterprise SP4.
Using "Force All Clients to Use SSL" is not an option for us. We need to be
able to have certain clients (extranet)use encryption without forcing other
clients (intranet) to also use encryption. Hence, we need to know how to
make "Force Protocol Encryption" work from the Client Network Utility with
SQL Query Analyzer.
Ultimately, our goal is to enable encryption in certain connection requests
from custom client applications we are writing. However, we will be happy
for now if we can at least get it working from a standard MS tool as
described in the SQL Server documentation and KB articles.
Has anyone else managed to make client-requested encryption work without
using a commercial CA? For that matter, has anyone suceeded in making it
work *with* a commercial CA?
When I connect using SQL Query Analyzer without Force Protocol Encryption in
the Client Network Utility, everything works fine. When I select Force
Protocol Encryption, then I get the following error:
====
unable to connect to server
server: msg 18, level 16, state 1
[microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
====
The server is running Windows Server 2003 Enterprise SP1. As mentioned
earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
The Server Authentication certificate is installed correctly on the SQL
Server 2000 machine. It was generated by Microsoft Certificate Services
configured as a stand-alone root CA. The certificate chain is OK according
to MMC snap-in and works fine with no warnings for HTTPS connections to IIS,
so I don't see how the certificate could be malformed. There definitely is
only one certificate installed on the server (at least according to the MMC
snap-in for Certificates). The Root CA chain is installed on the client and
is OK according to MMC. This seems to be validated by the fact that IE
doesn't give any warnings when making an HTTPS connection to the server
(i.e., it recognizes the certificate chain as a trusted source).
I've read every KB article I can find on the subject, followed all the
instructions with meticulous care, and reinstalled everything from scratch
twice already (including the CA, thus generating a new root certificate and
new server authentication certificate). The client still fails to connect
whenever I force client encryption (it's not feasible for us to set force
encryption on the server).
I've even tried creating various aliases for the server in the Client
Network Utility, as suggested in one KB article, but that doesn't seem to
help either.
Perhaps I'm overlooking something really obvious, but I'm seriously
beginning to doubt whether SQL Server really supports client-initiated SSL
connections at all. Has anyone else gotten this to work? If so, what was the
trick to making it work?
Any suggestions would be greatly appreciated.
Hello Aubrey,
I don't think you need a commercial certfiicate to do this.
If you want to enable Force Protocol Encryption on the client, you must
have a certificate on the server and the client must have the Trusted Root
Authority updated to trust the server certificate. You can install your own
CA and get certficate from it on the server, and install root CA
certificate on the client.
You may have reviewed the following articles but the steps to enable SSL
from client are verified to work properly.
316898 How to enable SSL encryption for SQL Server 2000 with Microsoft
http://support.microsoft.com/?id=316898
316779 PRB: Clients with Force Protocol Encryption Set On May Fail to
Connect
http://support.microsoft.com/?id=316779
276553 How to enable SSL encryption for SQL Server 2000 with Certificate
Server
http://support.microsoft.com/?id=276553
Also, to make sure the certificate installed on the SQL server is correct,
we suggest that you enable "Force Protocol Encryption" temporarily and
disable "Force Protocol Encryption" on client to test the situation. If it
works under this situation, the server certificate itself has no issues.
Note: EVEN IF YOU ARE ENABLING FORCE PROTOCOL ENCRYPTION ON THE CLIENT SIDE
ONLY, YOU STILL NEED TO RESTART SQL SERVER FOR THE CERTIFICATE TO BECOME
EFFECTIVE AND USED BY SQL SERVER.
If "Force Protocol Encryption" on server does not work, please check the
certificate property to make sure it is for FQDN for the SQL server.
839617 BUG: You cannot connect to an instance of SQL Server on a server
http://support.microsoft.com/?id=839617
You may want to check if the issue occurs on different client computers to
isolate the issue.
Best Regards,
Peter Yang
MCSE2000/2003, MCSA, MCDBA
Microsoft Online Partner Support
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
================================================== ===
This posting is provided "AS IS" with no warranties, and confers no rights.
| From: "Aubrey McAuley" <winaix@.nospam.nospam>
| Subject: client-requested SSL encryption errors
| Date: Wed, 27 Jul 2005 16:10:49 -0500
| Lines: 65
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#Gi#t#ukFHA.2852@.TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.sqlserver.server
| NNTP-Posting-Host: rrcs-67-79-5-147.sw.biz.rr.com 67.79.5.147
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP15.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.sqlserver.server:64999
| X-Tomcat-NG: microsoft.public.sqlserver.server
|
| I did not get any useful response the last time I posted this, so now I'm
| posting a more detailed version of the question.
|
| We are having difficulty getting client-requested SSL encryption to work
| with SQL Server 2000 Enterprise SP4.
|
| Using "Force All Clients to Use SSL" is not an option for us. We need to
be
| able to have certain clients (extranet)use encryption without forcing
other
| clients (intranet) to also use encryption. Hence, we need to know how to
| make "Force Protocol Encryption" work from the Client Network Utility
with
| SQL Query Analyzer.
|
| Ultimately, our goal is to enable encryption in certain connection
requests
| from custom client applications we are writing. However, we will be happy
| for now if we can at least get it working from a standard MS tool as
| described in the SQL Server documentation and KB articles.
|
| Has anyone else managed to make client-requested encryption work without
| using a commercial CA? For that matter, has anyone suceeded in making it
| work *with* a commercial CA?
|
| When I connect using SQL Query Analyzer without Force Protocol Encryption
in
| the Client Network Utility, everything works fine. When I select Force
| Protocol Encryption, then I get the following error:
|
| ====
| unable to connect to server
| server: msg 18, level 16, state 1
| [microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
|
| ====
|
| The server is running Windows Server 2003 Enterprise SP1. As mentioned
| earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
|
| The Server Authentication certificate is installed correctly on the SQL
| Server 2000 machine. It was generated by Microsoft Certificate Services
| configured as a stand-alone root CA. The certificate chain is OK
according
| to MMC snap-in and works fine with no warnings for HTTPS connections to
IIS,
| so I don't see how the certificate could be malformed. There definitely
is
| only one certificate installed on the server (at least according to the
MMC
| snap-in for Certificates). The Root CA chain is installed on the client
and
| is OK according to MMC. This seems to be validated by the fact that IE
| doesn't give any warnings when making an HTTPS connection to the server
| (i.e., it recognizes the certificate chain as a trusted source).
|
| I've read every KB article I can find on the subject, followed all the
| instructions with meticulous care, and reinstalled everything from
scratch
| twice already (including the CA, thus generating a new root certificate
and
| new server authentication certificate). The client still fails to connect
| whenever I force client encryption (it's not feasible for us to set force
| encryption on the server).
|
| I've even tried creating various aliases for the server in the Client
| Network Utility, as suggested in one KB article, but that doesn't seem to
| help either.
|
| Perhaps I'm overlooking something really obvious, but I'm seriously
| beginning to doubt whether SQL Server really supports client-initiated
SSL
| connections at all. Has anyone else gotten this to work? If so, what was
the
| trick to making it work?
|
| Any suggestions would be greatly appreciated.
|
|
|
client-requested SSL encryption errors
I did not get any useful response the last time I posted this, so now I'm
posting a more detailed version of the question.
We are having difficulty getting client-requested SSL encryption to work
with SQL Server 2000 Enterprise SP4.
Using "Force All Clients to Use SSL" is not an option for us. We need to be
able to have certain clients (extranet)use encryption without forcing other
clients (intranet) to also use encryption. Hence, we need to know how to
make "Force Protocol Encryption" work from the Client Network Utility with
SQL Query Analyzer.
Ultimately, our goal is to enable encryption in certain connection requests
from custom client applications we are writing. However, we will be happy
for now if we can at least get it working from a standard MS tool as
described in the SQL Server documentation and KB articles.
Has anyone else managed to make client-requested encryption work without
using a commercial CA? For that matter, has anyone suceeded in making it
work *with* a commercial CA?
When I connect using SQL Query Analyzer without Force Protocol Encryption in
the Client Network Utility, everything works fine. When I select Force
Protocol Encryption, then I get the following error:
==== unable to connect to server
server: msg 18, level 16, state 1
[microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
====
The server is running Windows Server 2003 Enterprise SP1. As mentioned
earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
The Server Authentication certificate is installed correctly on the SQL
Server 2000 machine. It was generated by Microsoft Certificate Services
configured as a stand-alone root CA. The certificate chain is OK according
to MMC snap-in and works fine with no warnings for HTTPS connections to IIS,
so I don't see how the certificate could be malformed. There definitely is
only one certificate installed on the server (at least according to the MMC
snap-in for Certificates). The Root CA chain is installed on the client and
is OK according to MMC. This seems to be validated by the fact that IE
doesn't give any warnings when making an HTTPS connection to the server
(i.e., it recognizes the certificate chain as a trusted source).
I've read every KB article I can find on the subject, followed all the
instructions with meticulous care, and reinstalled everything from scratch
twice already (including the CA, thus generating a new root certificate and
new server authentication certificate). The client still fails to connect
whenever I force client encryption (it's not feasible for us to set force
encryption on the server).
I've even tried creating various aliases for the server in the Client
Network Utility, as suggested in one KB article, but that doesn't seem to
help either.
Perhaps I'm overlooking something really obvious, but I'm seriously
beginning to doubt whether SQL Server really supports client-initiated SSL
connections at all. Has anyone else gotten this to work? If so, what was the
trick to making it work?
Any suggestions would be greatly appreciated.Hello Aubrey,
I don't think you need a commercial certfiicate to do this.
If you want to enable Force Protocol Encryption on the client, you must
have a certificate on the server and the client must have the Trusted Root
Authority updated to trust the server certificate. You can install your own
CA and get certficate from it on the server, and install root CA
certificate on the client.
You may have reviewed the following articles but the steps to enable SSL
from client are verified to work properly.
316898 How to enable SSL encryption for SQL Server 2000 with Microsoft
http://support.microsoft.com/?id=316898
316779 PRB: Clients with Force Protocol Encryption Set On May Fail to
Connect
http://support.microsoft.com/?id=316779
276553 How to enable SSL encryption for SQL Server 2000 with Certificate
Server
http://support.microsoft.com/?id=276553
Also, to make sure the certificate installed on the SQL server is correct,
we suggest that you enable "Force Protocol Encryption" temporarily and
disable "Force Protocol Encryption" on client to test the situation. If it
works under this situation, the server certificate itself has no issues.
Note: EVEN IF YOU ARE ENABLING FORCE PROTOCOL ENCRYPTION ON THE CLIENT SIDE
ONLY, YOU STILL NEED TO RESTART SQL SERVER FOR THE CERTIFICATE TO BECOME
EFFECTIVE AND USED BY SQL SERVER.
If "Force Protocol Encryption" on server does not work, please check the
certificate property to make sure it is for FQDN for the SQL server.
839617 BUG: You cannot connect to an instance of SQL Server on a server
http://support.microsoft.com/?id=839617
You may want to check if the issue occurs on different client computers to
isolate the issue.
Best Regards,
Peter Yang
MCSE2000/2003, MCSA, MCDBA
Microsoft Online Partner Support
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
| From: "Aubrey McAuley" <winaix@.nospam.nospam>
| Subject: client-requested SSL encryption errors
| Date: Wed, 27 Jul 2005 16:10:49 -0500
| Lines: 65
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#Gi#t#ukFHA.2852@.TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.sqlserver.server
| NNTP-Posting-Host: rrcs-67-79-5-147.sw.biz.rr.com 67.79.5.147
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.sqlserver.server:64999
| X-Tomcat-NG: microsoft.public.sqlserver.server
|
| I did not get any useful response the last time I posted this, so now I'm
| posting a more detailed version of the question.
|
| We are having difficulty getting client-requested SSL encryption to work
| with SQL Server 2000 Enterprise SP4.
|
| Using "Force All Clients to Use SSL" is not an option for us. We need to
be
| able to have certain clients (extranet)use encryption without forcing
other
| clients (intranet) to also use encryption. Hence, we need to know how to
| make "Force Protocol Encryption" work from the Client Network Utility
with
| SQL Query Analyzer.
|
| Ultimately, our goal is to enable encryption in certain connection
requests
| from custom client applications we are writing. However, we will be happy
| for now if we can at least get it working from a standard MS tool as
| described in the SQL Server documentation and KB articles.
|
| Has anyone else managed to make client-requested encryption work without
| using a commercial CA? For that matter, has anyone suceeded in making it
| work *with* a commercial CA?
|
| When I connect using SQL Query Analyzer without Force Protocol Encryption
in
| the Client Network Utility, everything works fine. When I select Force
| Protocol Encryption, then I get the following error:
|
| ====| unable to connect to server
| server: msg 18, level 16, state 1
| [microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
|
| ====|
| The server is running Windows Server 2003 Enterprise SP1. As mentioned
| earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
|
| The Server Authentication certificate is installed correctly on the SQL
| Server 2000 machine. It was generated by Microsoft Certificate Services
| configured as a stand-alone root CA. The certificate chain is OK
according
| to MMC snap-in and works fine with no warnings for HTTPS connections to
IIS,
| so I don't see how the certificate could be malformed. There definitely
is
| only one certificate installed on the server (at least according to the
MMC
| snap-in for Certificates). The Root CA chain is installed on the client
and
| is OK according to MMC. This seems to be validated by the fact that IE
| doesn't give any warnings when making an HTTPS connection to the server
| (i.e., it recognizes the certificate chain as a trusted source).
|
| I've read every KB article I can find on the subject, followed all the
| instructions with meticulous care, and reinstalled everything from
scratch
| twice already (including the CA, thus generating a new root certificate
and
| new server authentication certificate). The client still fails to connect
| whenever I force client encryption (it's not feasible for us to set force
| encryption on the server).
|
| I've even tried creating various aliases for the server in the Client
| Network Utility, as suggested in one KB article, but that doesn't seem to
| help either.
|
| Perhaps I'm overlooking something really obvious, but I'm seriously
| beginning to doubt whether SQL Server really supports client-initiated
SSL
| connections at all. Has anyone else gotten this to work? If so, what was
the
| trick to making it work?
|
| Any suggestions would be greatly appreciated.
|
|
|
posting a more detailed version of the question.
We are having difficulty getting client-requested SSL encryption to work
with SQL Server 2000 Enterprise SP4.
Using "Force All Clients to Use SSL" is not an option for us. We need to be
able to have certain clients (extranet)use encryption without forcing other
clients (intranet) to also use encryption. Hence, we need to know how to
make "Force Protocol Encryption" work from the Client Network Utility with
SQL Query Analyzer.
Ultimately, our goal is to enable encryption in certain connection requests
from custom client applications we are writing. However, we will be happy
for now if we can at least get it working from a standard MS tool as
described in the SQL Server documentation and KB articles.
Has anyone else managed to make client-requested encryption work without
using a commercial CA? For that matter, has anyone suceeded in making it
work *with* a commercial CA?
When I connect using SQL Query Analyzer without Force Protocol Encryption in
the Client Network Utility, everything works fine. When I select Force
Protocol Encryption, then I get the following error:
==== unable to connect to server
server: msg 18, level 16, state 1
[microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
====
The server is running Windows Server 2003 Enterprise SP1. As mentioned
earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
The Server Authentication certificate is installed correctly on the SQL
Server 2000 machine. It was generated by Microsoft Certificate Services
configured as a stand-alone root CA. The certificate chain is OK according
to MMC snap-in and works fine with no warnings for HTTPS connections to IIS,
so I don't see how the certificate could be malformed. There definitely is
only one certificate installed on the server (at least according to the MMC
snap-in for Certificates). The Root CA chain is installed on the client and
is OK according to MMC. This seems to be validated by the fact that IE
doesn't give any warnings when making an HTTPS connection to the server
(i.e., it recognizes the certificate chain as a trusted source).
I've read every KB article I can find on the subject, followed all the
instructions with meticulous care, and reinstalled everything from scratch
twice already (including the CA, thus generating a new root certificate and
new server authentication certificate). The client still fails to connect
whenever I force client encryption (it's not feasible for us to set force
encryption on the server).
I've even tried creating various aliases for the server in the Client
Network Utility, as suggested in one KB article, but that doesn't seem to
help either.
Perhaps I'm overlooking something really obvious, but I'm seriously
beginning to doubt whether SQL Server really supports client-initiated SSL
connections at all. Has anyone else gotten this to work? If so, what was the
trick to making it work?
Any suggestions would be greatly appreciated.Hello Aubrey,
I don't think you need a commercial certfiicate to do this.
If you want to enable Force Protocol Encryption on the client, you must
have a certificate on the server and the client must have the Trusted Root
Authority updated to trust the server certificate. You can install your own
CA and get certficate from it on the server, and install root CA
certificate on the client.
You may have reviewed the following articles but the steps to enable SSL
from client are verified to work properly.
316898 How to enable SSL encryption for SQL Server 2000 with Microsoft
http://support.microsoft.com/?id=316898
316779 PRB: Clients with Force Protocol Encryption Set On May Fail to
Connect
http://support.microsoft.com/?id=316779
276553 How to enable SSL encryption for SQL Server 2000 with Certificate
Server
http://support.microsoft.com/?id=276553
Also, to make sure the certificate installed on the SQL server is correct,
we suggest that you enable "Force Protocol Encryption" temporarily and
disable "Force Protocol Encryption" on client to test the situation. If it
works under this situation, the server certificate itself has no issues.
Note: EVEN IF YOU ARE ENABLING FORCE PROTOCOL ENCRYPTION ON THE CLIENT SIDE
ONLY, YOU STILL NEED TO RESTART SQL SERVER FOR THE CERTIFICATE TO BECOME
EFFECTIVE AND USED BY SQL SERVER.
If "Force Protocol Encryption" on server does not work, please check the
certificate property to make sure it is for FQDN for the SQL server.
839617 BUG: You cannot connect to an instance of SQL Server on a server
http://support.microsoft.com/?id=839617
You may want to check if the issue occurs on different client computers to
isolate the issue.
Best Regards,
Peter Yang
MCSE2000/2003, MCSA, MCDBA
Microsoft Online Partner Support
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
| From: "Aubrey McAuley" <winaix@.nospam.nospam>
| Subject: client-requested SSL encryption errors
| Date: Wed, 27 Jul 2005 16:10:49 -0500
| Lines: 65
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#Gi#t#ukFHA.2852@.TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.sqlserver.server
| NNTP-Posting-Host: rrcs-67-79-5-147.sw.biz.rr.com 67.79.5.147
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.sqlserver.server:64999
| X-Tomcat-NG: microsoft.public.sqlserver.server
|
| I did not get any useful response the last time I posted this, so now I'm
| posting a more detailed version of the question.
|
| We are having difficulty getting client-requested SSL encryption to work
| with SQL Server 2000 Enterprise SP4.
|
| Using "Force All Clients to Use SSL" is not an option for us. We need to
be
| able to have certain clients (extranet)use encryption without forcing
other
| clients (intranet) to also use encryption. Hence, we need to know how to
| make "Force Protocol Encryption" work from the Client Network Utility
with
| SQL Query Analyzer.
|
| Ultimately, our goal is to enable encryption in certain connection
requests
| from custom client applications we are writing. However, we will be happy
| for now if we can at least get it working from a standard MS tool as
| described in the SQL Server documentation and KB articles.
|
| Has anyone else managed to make client-requested encryption work without
| using a commercial CA? For that matter, has anyone suceeded in making it
| work *with* a commercial CA?
|
| When I connect using SQL Query Analyzer without Force Protocol Encryption
in
| the Client Network Utility, everything works fine. When I select Force
| Protocol Encryption, then I get the following error:
|
| ====| unable to connect to server
| server: msg 18, level 16, state 1
| [microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
|
| ====|
| The server is running Windows Server 2003 Enterprise SP1. As mentioned
| earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
|
| The Server Authentication certificate is installed correctly on the SQL
| Server 2000 machine. It was generated by Microsoft Certificate Services
| configured as a stand-alone root CA. The certificate chain is OK
according
| to MMC snap-in and works fine with no warnings for HTTPS connections to
IIS,
| so I don't see how the certificate could be malformed. There definitely
is
| only one certificate installed on the server (at least according to the
MMC
| snap-in for Certificates). The Root CA chain is installed on the client
and
| is OK according to MMC. This seems to be validated by the fact that IE
| doesn't give any warnings when making an HTTPS connection to the server
| (i.e., it recognizes the certificate chain as a trusted source).
|
| I've read every KB article I can find on the subject, followed all the
| instructions with meticulous care, and reinstalled everything from
scratch
| twice already (including the CA, thus generating a new root certificate
and
| new server authentication certificate). The client still fails to connect
| whenever I force client encryption (it's not feasible for us to set force
| encryption on the server).
|
| I've even tried creating various aliases for the server in the Client
| Network Utility, as suggested in one KB article, but that doesn't seem to
| help either.
|
| Perhaps I'm overlooking something really obvious, but I'm seriously
| beginning to doubt whether SQL Server really supports client-initiated
SSL
| connections at all. Has anyone else gotten this to work? If so, what was
the
| trick to making it work?
|
| Any suggestions would be greatly appreciated.
|
|
|
client-requested SSL encryption errors
I did not get any useful response the last time I posted this, so now I'm
posting a more detailed version of the question.
We are having difficulty getting client-requested SSL encryption to work
with SQL Server 2000 Enterprise SP4.
Using "Force All Clients to Use SSL" is not an option for us. We need to be
able to have certain clients (extranet)use encryption without forcing other
clients (intranet) to also use encryption. Hence, we need to know how to
make "Force Protocol Encryption" work from the Client Network Utility with
SQL Query Analyzer.
Ultimately, our goal is to enable encryption in certain connection requests
from custom client applications we are writing. However, we will be happy
for now if we can at least get it working from a standard MS tool as
described in the SQL Server documentation and KB articles.
Has anyone else managed to make client-requested encryption work without
using a commercial CA? For that matter, has anyone suceeded in making it
work *with* a commercial CA?
When I connect using SQL Query Analyzer without Force Protocol Encryption in
the Client Network Utility, everything works fine. When I select Force
Protocol Encryption, then I get the following error:
====
unable to connect to server
server: msg 18, level 16, state 1
[microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
====
The server is running Windows Server 2003 Enterprise SP1. As mentioned
earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
The Server Authentication certificate is installed correctly on the SQL
Server 2000 machine. It was generated by Microsoft Certificate Services
configured as a stand-alone root CA. The certificate chain is OK according
to MMC snap-in and works fine with no warnings for HTTPS connections to IIS,
so I don't see how the certificate could be malformed. There definitely is
only one certificate installed on the server (at least according to the MMC
snap-in for Certificates). The Root CA chain is installed on the client and
is OK according to MMC. This seems to be validated by the fact that IE
doesn't give any warnings when making an HTTPS connection to the server
(i.e., it recognizes the certificate chain as a trusted source).
I've read every KB article I can find on the subject, followed all the
instructions with meticulous care, and reinstalled everything from scratch
twice already (including the CA, thus generating a new root certificate and
new server authentication certificate). The client still fails to connect
whenever I force client encryption (it's not feasible for us to set force
encryption on the server).
I've even tried creating various aliases for the server in the Client
Network Utility, as suggested in one KB article, but that doesn't seem to
help either.
Perhaps I'm overlooking something really obvious, but I'm seriously
beginning to doubt whether SQL Server really supports client-initiated SSL
connections at all. Has anyone else gotten this to work? If so, what was the
trick to making it work?
Any suggestions would be greatly appreciated.Hello Aubrey,
I don't think you need a commercial certfiicate to do this.
If you want to enable Force Protocol Encryption on the client, you must
have a certificate on the server and the client must have the Trusted Root
Authority updated to trust the server certificate. You can install your own
CA and get certficate from it on the server, and install root CA
certificate on the client.
You may have reviewed the following articles but the steps to enable SSL
from client are verified to work properly.
316898 How to enable SSL encryption for SQL Server 2000 with Microsoft
http://support.microsoft.com/?id=316898
316779 PRB: Clients with Force Protocol Encryption Set On May Fail to
Connect
http://support.microsoft.com/?id=316779
276553 How to enable SSL encryption for SQL Server 2000 with Certificate
Server
http://support.microsoft.com/?id=276553
Also, to make sure the certificate installed on the SQL server is correct,
we suggest that you enable "Force Protocol Encryption" temporarily and
disable "Force Protocol Encryption" on client to test the situation. If it
works under this situation, the server certificate itself has no issues.
Note: EVEN IF YOU ARE ENABLING FORCE PROTOCOL ENCRYPTION ON THE CLIENT SIDE
ONLY, YOU STILL NEED TO RESTART SQL SERVER FOR THE CERTIFICATE TO BECOME
EFFECTIVE AND USED BY SQL SERVER.
If "Force Protocol Encryption" on server does not work, please check the
certificate property to make sure it is for FQDN for the SQL server.
839617 BUG: You cannot connect to an instance of SQL Server on a server
http://support.microsoft.com/?id=839617
You may want to check if the issue occurs on different client computers to
isolate the issue.
Best Regards,
Peter Yang
MCSE2000/2003, MCSA, MCDBA
Microsoft Online Partner Support
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
========================================
=============
This posting is provided "AS IS" with no warranties, and confers no rights.
| From: "Aubrey McAuley" <winaix@.nospam.nospam>
| Subject: client-requested SSL encryption errors
| Date: Wed, 27 Jul 2005 16:10:49 -0500
| Lines: 65
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#Gi#t#ukFHA.2852@.TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.sqlserver.server
| NNTP-Posting-Host: rrcs-67-79-5-147.sw.biz.rr.com 67.79.5.147
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.sqlserver.server:64999
| X-Tomcat-NG: microsoft.public.sqlserver.server
|
| I did not get any useful response the last time I posted this, so now I'm
| posting a more detailed version of the question.
|
| We are having difficulty getting client-requested SSL encryption to work
| with SQL Server 2000 Enterprise SP4.
|
| Using "Force All Clients to Use SSL" is not an option for us. We need to
be
| able to have certain clients (extranet)use encryption without forcing
other
| clients (intranet) to also use encryption. Hence, we need to know how to
| make "Force Protocol Encryption" work from the Client Network Utility
with
| SQL Query Analyzer.
|
| Ultimately, our goal is to enable encryption in certain connection
requests
| from custom client applications we are writing. However, we will be happy
| for now if we can at least get it working from a standard MS tool as
| described in the SQL Server documentation and KB articles.
|
| Has anyone else managed to make client-requested encryption work without
| using a commercial CA? For that matter, has anyone suceeded in making it
| work *with* a commercial CA?
|
| When I connect using SQL Query Analyzer without Force Protocol Encryption
in
| the Client Network Utility, everything works fine. When I select Force
| Protocol Encryption, then I get the following error:
|
| ====
| unable to connect to server
| server: msg 18, level 16, state 1
| [microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security erro
r
|
| ====
|
| The server is running Windows Server 2003 Enterprise SP1. As mentioned
| earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
|
| The Server Authentication certificate is installed correctly on the SQL
| Server 2000 machine. It was generated by Microsoft Certificate Services
| configured as a stand-alone root CA. The certificate chain is OK
according
| to MMC snap-in and works fine with no warnings for HTTPS connections to
IIS,
| so I don't see how the certificate could be malformed. There definitely
is
| only one certificate installed on the server (at least according to the
MMC
| snap-in for Certificates). The Root CA chain is installed on the client
and
| is OK according to MMC. This seems to be validated by the fact that IE
| doesn't give any warnings when making an HTTPS connection to the server
| (i.e., it recognizes the certificate chain as a trusted source).
|
| I've read every KB article I can find on the subject, followed all the
| instructions with meticulous care, and reinstalled everything from
scratch
| twice already (including the CA, thus generating a new root certificate
and
| new server authentication certificate). The client still fails to connect
| whenever I force client encryption (it's not feasible for us to set force
| encryption on the server).
|
| I've even tried creating various aliases for the server in the Client
| Network Utility, as suggested in one KB article, but that doesn't seem to
| help either.
|
| Perhaps I'm overlooking something really obvious, but I'm seriously
| beginning to doubt whether SQL Server really supports client-initiated
SSL
| connections at all. Has anyone else gotten this to work? If so, what was
the
| trick to making it work?
|
| Any suggestions would be greatly appreciated.
|
|
|
posting a more detailed version of the question.
We are having difficulty getting client-requested SSL encryption to work
with SQL Server 2000 Enterprise SP4.
Using "Force All Clients to Use SSL" is not an option for us. We need to be
able to have certain clients (extranet)use encryption without forcing other
clients (intranet) to also use encryption. Hence, we need to know how to
make "Force Protocol Encryption" work from the Client Network Utility with
SQL Query Analyzer.
Ultimately, our goal is to enable encryption in certain connection requests
from custom client applications we are writing. However, we will be happy
for now if we can at least get it working from a standard MS tool as
described in the SQL Server documentation and KB articles.
Has anyone else managed to make client-requested encryption work without
using a commercial CA? For that matter, has anyone suceeded in making it
work *with* a commercial CA?
When I connect using SQL Query Analyzer without Force Protocol Encryption in
the Client Network Utility, everything works fine. When I select Force
Protocol Encryption, then I get the following error:
====
unable to connect to server
server: msg 18, level 16, state 1
[microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
====
The server is running Windows Server 2003 Enterprise SP1. As mentioned
earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
The Server Authentication certificate is installed correctly on the SQL
Server 2000 machine. It was generated by Microsoft Certificate Services
configured as a stand-alone root CA. The certificate chain is OK according
to MMC snap-in and works fine with no warnings for HTTPS connections to IIS,
so I don't see how the certificate could be malformed. There definitely is
only one certificate installed on the server (at least according to the MMC
snap-in for Certificates). The Root CA chain is installed on the client and
is OK according to MMC. This seems to be validated by the fact that IE
doesn't give any warnings when making an HTTPS connection to the server
(i.e., it recognizes the certificate chain as a trusted source).
I've read every KB article I can find on the subject, followed all the
instructions with meticulous care, and reinstalled everything from scratch
twice already (including the CA, thus generating a new root certificate and
new server authentication certificate). The client still fails to connect
whenever I force client encryption (it's not feasible for us to set force
encryption on the server).
I've even tried creating various aliases for the server in the Client
Network Utility, as suggested in one KB article, but that doesn't seem to
help either.
Perhaps I'm overlooking something really obvious, but I'm seriously
beginning to doubt whether SQL Server really supports client-initiated SSL
connections at all. Has anyone else gotten this to work? If so, what was the
trick to making it work?
Any suggestions would be greatly appreciated.Hello Aubrey,
I don't think you need a commercial certfiicate to do this.
If you want to enable Force Protocol Encryption on the client, you must
have a certificate on the server and the client must have the Trusted Root
Authority updated to trust the server certificate. You can install your own
CA and get certficate from it on the server, and install root CA
certificate on the client.
You may have reviewed the following articles but the steps to enable SSL
from client are verified to work properly.
316898 How to enable SSL encryption for SQL Server 2000 with Microsoft
http://support.microsoft.com/?id=316898
316779 PRB: Clients with Force Protocol Encryption Set On May Fail to
Connect
http://support.microsoft.com/?id=316779
276553 How to enable SSL encryption for SQL Server 2000 with Certificate
Server
http://support.microsoft.com/?id=276553
Also, to make sure the certificate installed on the SQL server is correct,
we suggest that you enable "Force Protocol Encryption" temporarily and
disable "Force Protocol Encryption" on client to test the situation. If it
works under this situation, the server certificate itself has no issues.
Note: EVEN IF YOU ARE ENABLING FORCE PROTOCOL ENCRYPTION ON THE CLIENT SIDE
ONLY, YOU STILL NEED TO RESTART SQL SERVER FOR THE CERTIFICATE TO BECOME
EFFECTIVE AND USED BY SQL SERVER.
If "Force Protocol Encryption" on server does not work, please check the
certificate property to make sure it is for FQDN for the SQL server.
839617 BUG: You cannot connect to an instance of SQL Server on a server
http://support.microsoft.com/?id=839617
You may want to check if the issue occurs on different client computers to
isolate the issue.
Best Regards,
Peter Yang
MCSE2000/2003, MCSA, MCDBA
Microsoft Online Partner Support
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
========================================
=============
This posting is provided "AS IS" with no warranties, and confers no rights.
| From: "Aubrey McAuley" <winaix@.nospam.nospam>
| Subject: client-requested SSL encryption errors
| Date: Wed, 27 Jul 2005 16:10:49 -0500
| Lines: 65
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#Gi#t#ukFHA.2852@.TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.sqlserver.server
| NNTP-Posting-Host: rrcs-67-79-5-147.sw.biz.rr.com 67.79.5.147
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.sqlserver.server:64999
| X-Tomcat-NG: microsoft.public.sqlserver.server
|
| I did not get any useful response the last time I posted this, so now I'm
| posting a more detailed version of the question.
|
| We are having difficulty getting client-requested SSL encryption to work
| with SQL Server 2000 Enterprise SP4.
|
| Using "Force All Clients to Use SSL" is not an option for us. We need to
be
| able to have certain clients (extranet)use encryption without forcing
other
| clients (intranet) to also use encryption. Hence, we need to know how to
| make "Force Protocol Encryption" work from the Client Network Utility
with
| SQL Query Analyzer.
|
| Ultimately, our goal is to enable encryption in certain connection
requests
| from custom client applications we are writing. However, we will be happy
| for now if we can at least get it working from a standard MS tool as
| described in the SQL Server documentation and KB articles.
|
| Has anyone else managed to make client-requested encryption work without
| using a commercial CA? For that matter, has anyone suceeded in making it
| work *with* a commercial CA?
|
| When I connect using SQL Query Analyzer without Force Protocol Encryption
in
| the Client Network Utility, everything works fine. When I select Force
| Protocol Encryption, then I get the following error:
|
| ====
| unable to connect to server
| server: msg 18, level 16, state 1
| [microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security erro
r
|
| ====
|
| The server is running Windows Server 2003 Enterprise SP1. As mentioned
| earlier, MSSQLSERVER version is SQL Server 2000 Enterprise SP4.
|
| The Server Authentication certificate is installed correctly on the SQL
| Server 2000 machine. It was generated by Microsoft Certificate Services
| configured as a stand-alone root CA. The certificate chain is OK
according
| to MMC snap-in and works fine with no warnings for HTTPS connections to
IIS,
| so I don't see how the certificate could be malformed. There definitely
is
| only one certificate installed on the server (at least according to the
MMC
| snap-in for Certificates). The Root CA chain is installed on the client
and
| is OK according to MMC. This seems to be validated by the fact that IE
| doesn't give any warnings when making an HTTPS connection to the server
| (i.e., it recognizes the certificate chain as a trusted source).
|
| I've read every KB article I can find on the subject, followed all the
| instructions with meticulous care, and reinstalled everything from
scratch
| twice already (including the CA, thus generating a new root certificate
and
| new server authentication certificate). The client still fails to connect
| whenever I force client encryption (it's not feasible for us to set force
| encryption on the server).
|
| I've even tried creating various aliases for the server in the Client
| Network Utility, as suggested in one KB article, but that doesn't seem to
| help either.
|
| Perhaps I'm overlooking something really obvious, but I'm seriously
| beginning to doubt whether SQL Server really supports client-initiated
SSL
| connections at all. Has anyone else gotten this to work? If so, what was
the
| trick to making it work?
|
| Any suggestions would be greatly appreciated.
|
|
|
Tuesday, February 14, 2012
Client found response content type of ''text/html; charset=utf-8'', but expected ''text/xm
Hi,
I am getting these errors from Report Manager. It seems that every time after the server has been idling for about 15 minutes, I would get this error message. I can click on other links and I am able to continue to use Report Manager.
Is there a timeout setting to help me resolve this or is this a bug with Report Manager? I just insitalled SP2 on the SQL Server and the Reporting Service.
Error message on browser:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'. The request failed with the error message: -- <html> <head> <title> SQL Server Reporting Services </title><meta name="Generator" content="Microsoft SQL Server Reporting Services 9.00.3042.00" /> <meta name="HTTP Status" content="500" /> <meta name="ProductLocaleID" content="9" /> <meta name="CountryLocaleID" content="1033" /> <style> BODY {FONT-FAMILY:Verdana; FONT-WEIGHT:normal; FONT-SIZE: 8pt; COLOR:black} H1 {FONT-FAMILY:Verdana; FONT-WEIGHT:700; FONT-SIZE:15pt} LI {FONT-FAMILY:Verdana; FONT-WEIGHT:normal; FONT-SIZE:8pt; DISPLAY:inline} .ProductInfo {FONT-FAMILY:Verdana; FONT-WEIGHT:bold; FONT-SIZE: 8pt; COLOR:gray} A:link {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; COLOR![[:#]](http://pics.10026.com/?src=http://forums.microsoft.com/MSDN/emoticons/emotion-16.gif)
3366CC; TEXT-DECORATION:none} A:hover {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; COLORFF3300; TEXT-DECORATION:underline} A:visited {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; COLOR3366CC; TEXT-DECORATION:none} A:visited:hover {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; colorFF3300; TEXT-DECORATION:underline} </style> </head><body bgcolor="white"> <h1> Reporting Services Error<hr width="100%" size="1" color="silver" /> </h1><ul> <li>An internal error occurred on the report server. See the error log for more details. (rsInternalError) <a href="http://go.microsoft.com/fwlink/?LinkId=20476&EvtSrc=Microsoft.ReportingServices.Diagnostics.Utilities.ErrorStrings&EvtID=rsInternalError&ProdName=Microsoft%20SQL%20Server%20Reporting%20Services&ProdVer=9.00.3042.00" target="_blank">Get Online Help</a></li><ul> <li>For more information about this error navigate to the report server on the local server machine, or enable remote errors</li> </ul><hr width="100%" size="1" color="silver" /><span class="ProductInfo">SQL Server Reporting Services</span> </ul> </body> --.
Any ideas?
Thanks,
-waslam
Maybe this will help you:
http://blogs.msdn.com/jgalla/archive/2006/10/11/session-timeout-during-execution.aspx
Client found response content type of ''text/html; charset=utf-8'', but expected ''text/xm
Hi,
I am getting these errors from Report Manager. It seems that every time after the server has been idling for about 15 minutes, I would get this error message. I can click on other links and I am able to continue to use Report Manager.
Is there a timeout setting to help me resolve this or is this a bug with Report Manager? I just insitalled SP2 on the SQL Server and the Reporting Service.
Error message on browser:
Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'. The request failed with the error message: -- <html> <head> <title> SQL Server Reporting Services </title><meta name="Generator" content="Microsoft SQL Server Reporting Services 9.00.3042.00" /> <meta name="HTTP Status" content="500" /> <meta name="ProductLocaleID" content="9" /> <meta name="CountryLocaleID" content="1033" /> <style> BODY {FONT-FAMILY:Verdana; FONT-WEIGHT:normal; FONT-SIZE: 8pt; COLOR:black} H1 {FONT-FAMILY:Verdana; FONT-WEIGHT:700; FONT-SIZE:15pt} LI {FONT-FAMILY:Verdana; FONT-WEIGHT:normal; FONT-SIZE:8pt; DISPLAY:inline} .ProductInfo {FONT-FAMILY:Verdana; FONT-WEIGHT:bold; FONT-SIZE: 8pt; COLOR:gray} A:link {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; COLOR3366CC; TEXT-DECORATION:none} A:hover {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; COLORFF3300; TEXT-DECORATION:underline} A:visited {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; COLOR3366CC; TEXT-DECORATION:none} A:visited:hover {FONT-SIZE: 8pt; FONT-FAMILY:Verdana; colorFF3300; TEXT-DECORATION:underline} </style> </head><body bgcolor="white"> <h1> Reporting Services Error<hr width="100%" size="1" color="silver" /> </h1><ul> <li>An internal error occurred on the report server. See the error log for more details. (rsInternalError) <a href="http://go.microsoft.com/fwlink/?LinkId=20476&EvtSrc=Microsoft.ReportingServices.Diagnostics.Utilities.ErrorStrings&EvtID=rsInternalError&ProdName=Microsoft%20SQL%20Server%20Reporting%20Services&ProdVer=9.00.3042.00" target="_blank">Get Online Help</a></li><ul> <li>For more information about this error navigate to the report server on the local server machine, or enable remote errors</li> </ul><hr width="100%" size="1" color="silver" /><span class="ProductInfo">SQL Server Reporting Services</span> </ul> </body> --.
Any ideas?
Thanks,
-waslam
Maybe this will help you:
http://blogs.msdn.com/jgalla/archive/2006/10/11/session-timeout-during-execution.aspx
Client found response content type of , but expected text/xml.
Hello, I have this code, and it just doesnt work,I am using rs 2005.
privatevoid cargarReporteFromWS()
{
cargarFormatos();
//Format format = (Format)ddlFormats.SelectedValue;
string encoding;string mimeType;ParameterValue[] parametersUsed;Warning[] warnings;string[] streamIds;rs =
newReportingService();rs.Credentials = System.Net.
CredentialCache.DefaultCredentials;rs.Url =
"http://agamenon:90/reportserver/ReportingServices.asmx";byte[] data;string path ="/GescomRpts/RPT_MediosDesarrollo";data = rs.Render(path, ddlFormats.SelectedValue,
null,null,null,null,null,out encoding,out mimeType,out parametersUsed,out warnings,out streamIds);FuncionesRS fs =newFuncionesRS() ;string extension = fs.GetExtension(mimeType);string filename = path +"." + extension;Response.Clear();
Response.ContentType=mimeType;
if(mimeType!="text/html")Response.AddHeader(
"Content-disposition","attachment; filename="+filename);Response.BinaryWrite(data);
}
Server Error in '/GescomDllo' Application.
Client found response content type of '', but expected 'text/xml'.
The request failed with an empty response.
Description:An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.Exception Details:System.InvalidOperationException: Client found response content type of '', but expected 'text/xml'.
The request failed with an empty response.
Source Error:
Line 1704: [return: System.Xml.Serialization.XmlElementAttribute("Result", DataType="base64Binary")]Line 1705: public byte[] Render(string Report, string Format, string HistoryID, string DeviceInfo, ParameterValue[] Parameters, DataSourceCredentials[] Credentials, string ShowHideToggle, out string Encoding, out string MimeType, out ParameterValue[] ParametersUsed, out Warning[] Warnings, out string[] StreamIds) {Line 1706: object[] results = this.Invoke("Render", new object[] {Line 1707: Report,Line 1708: Format,Source File:c:\WINNT\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\gescomdllo\27bee1ac\cdebe31b\App_WebReferences.4i0hyhkt.0.cs Line:1706
Stack Trace:
[InvalidOperationException: Client found response content type of '', but expected 'text/xml'.The request failed with an empty response.] System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) +533395 System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) +204 RSWebService.ReportingService.Render(String Report, String Format, String HistoryID, String DeviceInfo, ParameterValue[] Parameters, DataSourceCredentials[] Credentials, String ShowHideToggle, String& Encoding, String& MimeType, ParameterValue[]& ParametersUsed, Warning[]& Warnings, String[]& StreamIds) in c:\WINNT\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\gescomdllo\27bee1ac\cdebe31b\App_WebReferences.4i0hyhkt.0.cs:1706 Protected_01_Administradores_rptmediosdesarrollo.cargarReporteFromWS() in c:\Inetpub\wwwroot\GescomDllo\Protected\01_Administradores\rptmediosdesarrollo.aspx.cs:44 Protected_01_Administradores_rptmediosdesarrollo.Page_Load(Object sender, EventArgs e) in c:\Inetpub\wwwroot\GescomDllo\Protected\01_Administradores\rptmediosdesarrollo.aspx.cs:23 System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +15 System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +34 System.Web.UI.Control.OnLoad(EventArgs e) +99 System.Web.UI.Control.LoadRecursive() +47 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
http://spaces.msn.com/levalenciam
What exactly are you trying to do with this code?
Subscribe to:
Posts (Atom)