During one of my CRM Installation when everything was going smooth, the following error popped up:
“Could not connect to the following SQL Server: ‘XXXXXXXXX’.
Verify that the server is up and running and that you have SQL Server administrative credentials.
[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.”
The next immediate thing was to look up at the Event Viewer logs. Under Windows Logs -> System found the error:
“A fatal error occurred while creating a TLS client credential. The internal error state is 10013”
I did even try to make an ODBC Data Source connection from my Web server to the SQL server but still the same error, confirming the connectivity issues through SSL Security.
They both article points to the same issue and the resolution. In my case, I was already having Windows Server 2016 and SQL 2016 which are already TLS 1.2 compliant; even my .Net Framework was also updated to 4.6
The only solution left was Enabling the FIPS compliant encryption algorithm under system cryptography. As suggested I followed the same:
a. In Control Panel, click Administrative Tools, and then double-click Local Security Policy.
b. In Local Security Settings, expand Local Policies, and then click Security Options.
c. Under Policy in the right pane, select System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.
d. By default it’s set to Disabled.
e. Double Click to open the option and then click Enabled.
f. Restart the machine for the policies to take effect.
I resumed my CRM installation and this time there was no issue of SSL Security error: SECCreateCredentials(). However, there was another SSL Security error: SECDoClientHandshake() which I’ll talk about in my next blog.
For further info on the FIPS, there is a Microsoft support article which is worth reading. Hope that was helpful. Thanks!