SSL Provider Client and Server do not possess a common algorithm
KBS100262
DOWNLOADSIISCrypto tool for enabling/disabling TLS/SSL
https://www.nartac.com/Products/IISCrypto
PRODUCThttps://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings
TAGSIssue
After migrating K2 4.7 to a new Windows 2016 server and upgrading to K2 5.3, SQL SmartObjects execution started to fail with:
A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The client and server cannot communicate, because they do not possess a common algorithm.)
Symptoms
- Adding a test SQL service instance against the same SQL 2016 server as the K2 database works
- The SQL service instances that are not working are connected to a SQL 2012 server
- It was determined that the SQL 2012 server likely did not have TLS 1.2 support and required SSL 3.0 or TLS 1.0 that was disabled on the new Windows 2016 K2 server.
Resolution
To resolve the issue, you will either need to:
- Apply the applicable updates so that SQL Server 2012 will support TLS 1.2 (which is enabled on the new K2 Windows 2016 server)
Or
- Enable TLS 1.0 on the new K2 Windows 2016 server.