Re: CR Reports won't run against SQL Server with TLS1.0 disabled

The web services are NOT the source for the data.

The web services just happen to be running on the same server as the SQL Server.

The customer did a PCI compliance scan on that server, and the ports used by the WS showed that TLS1.0 was enabled (not necessarily used).. so we disabled TLS1.0 using the tools mentioned above (Nartac).  The only thing this actually changes are registry entries specific to the .NET framework setup (used by the OS) HKEY_LOCAL_MACHINE\System\currentcontrolset\control\securityProviders\schannel

We have a VB.NET winforms application that talks to SQL Server and runs reports.  The app still works except for the CR ... which no longer works properly.  When they (CR) run in this environment, they will just keep prompting for DB credentials.  (our program provides all the DB connection inf via code).

I have a small test App, it allows me to switch between Servers, it runs a simple report.

I run that report against a Server where TLS1.0 is enabled and it works, I switch to the server where TLS 1.0 is disabled.. does not work.  If I re-enable TLS1.0 on the second server the report will now work against that server.  So there has to be something going on specifically related that (TLS1.0)....??

This is going to become a major issue as more and more of our customers will need to be PCI compliant.  Which means that any server that is externally exposed must have SSL3/TLS1.0 etc.. disabled.  Even Sql server has some issues.. if the version of SQL server is not up to a fairly recent patch level and does not has .NET 4.5 installed, it won't even start with TLS1.0 disabled.  .NET framework introduced support for TLS1.2 in version 4.5 (to the best of my knowledge).

In our case, both the Server and Client must have .NET 4.5 installed in order to operate with TLS1.0 disabled on the server (even though we don't use encrypted connections).

I'll ask about 'communications'... but no idea what they can capture.

Sorry to ramble.. but really need some help, thanks for help!

Message was edited by: Mike Hopkins edit for incorrect reg path