"No process is on the other end of pipe" caused by bad certificate
In this blog, I am focusing on one specific error message which I think a little confusing for you to troubleshoot the connectivity issue against SQL Server 2005.
To be clear, please make sure you saw the following exact same symptom before you apply the resolution that this blog provide since the same error message could also caused by other reasons which is out of scope of this blog.
1) OS on the server could be WinXP/Win 2K/ Win 2K3/ Vista.
2) SQL Server 2005
3) Server was started and from Server ERRORLOG, you can see "The certificate was successfully loaded for encryption."
4) Make local or remote connection over SNAC(SQL 2005 Client) or SqlClient(ADO.NET 2.0) provider, you see any of following error message depends on what protocols enabled on your sql server:
Shared Memory Provider: No process is on the other end of the pipe.
Named Pipes Provider: No process is on the other end of the pipe.
TCP Provider: An existing connection was forcibly closed by the remote host.
5) The problem is consistently not intermitently whenever you make a fresh connection.
6) If you try connection over MDAC( SQLOLEDB.1 provider or {SQL Server} driver) you would get consistent and more descriptable error message like:
[DBMSLPCN]SSL Security error
[DBMSLPCN]ConnectionOpen (SECDoClientHandshake()).
The cause behind would be various such as SQL Server loads the bad cert due to different OS behavior such as between XP/2K and 2K3, later on connection fail since certificate validation does not pass on the server based on validation flag provided by the client.
The resolution here is:
1) If you are not trying encryption, first, see whether you explicitly specify a cert? if so, then delete it; otherwise, go to local machine or user certificate personal store, delete all certificates, and restart sql server, doulbe check Server ERRORLOG, see " A self-signed certificate was successfully loaded for encryption.", then retry connection.
2) If you must use encrypted connection, you need a good certificate for SQL Server 2005. Please see blog: http://blogs.msdn.com/sql_protocols/archive/2005/12/30/508311.aspx
to understand what kind of certificate is qualified for SQL 2k5. Also, you can go to SQL Server Configuration Manager, right click properties for the sql instance, and choose *Certificate* tab, choose any certificate in the drop down list which has already been validated by SQL 2k5, then restarted the sql instance and retry connection.
The error you may hit more frequently when you did not choose a cert and SQL Server load the bad cert from certificate store. There are various bad cert that cause the problem, see kB:http://support.microsoft.com/kb/919710/en-us for one example.
Monday, July 6, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment