none
The underlying connection was closed withing a CLR calling dll using TLS 1.2

    Question

  • Good Day all,

    My preliminary research for the above error leads me to believe that this is an issue with TLS 1.2 security protocol. 

    I have performed the steps outlined in some of the KB articles. Such as: 

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
    "SystemDefaultTlsVersions"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
    "SystemDefaultTlsVersions"=dword:00000001

    I have added these keys. And on this one:

     HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2

    \Server

    and \Client

    I created 2 DWORDS for Enabled = 1 and DeisabledByDefault set to 0.

    Now what I am doing here is calling a dll which is calling UPS Address

    Validation (recently switched to TLS 1.2)

    using this code:

    xavRequest.AddressKeyFormat = addressKeyFormat;
                    System.Net.ServicePointManager.Expect100Continue = true;
                    System.Net.ServicePointManager.SecurityProtocol =

    System.Net.SecurityProtocolType.Tls12;
                    AddressValidatorAPI.XAVResponse xavResponse =

    xavSvc.ProcessXAV(xavRequest);

    My CLR is referencing this DLL. It would seem that my SQL Server which is:

    Microsoft SQL Server 2014 (SP2-GDR) (KB4019093) - 12.0.5207.0 (X64)   

    Jul  3 2017 02:25:44   Copyright (c) Microsoft Corporation 

    Standard Edition (64-bit) on Windows NT 6.1 <X64> (Build 7601: Service Pack 1) 

    Is not supporting TLS 1.2? Any advice would be amazing :)

    Thanks!


    • Edited by Be05x5 Thursday, January 25, 2018 9:05 PM
    Thursday, January 25, 2018 9:05 PM

Answers

  • All,

    After some serious tries on this, after updating the SQL server with latest framework, I recompiled the DLL used by my CLR and simple ran this statement: 
    ALTER ASSEMBLY [HLIAddressValidation]
    FROM 'C:\HLIAddressValidation.dll'
    WITH PERMISSION_SET = SAFE; --or unsafe depending on your configuration and security allowances 
    GO 
    Hope this helps someone.
    • Marked as answer by Be05x5 Friday, February 9, 2018 9:17 PM
    Friday, February 9, 2018 9:17 PM