One of my existing clients contacted me to provide assistance in an issue where they were not able to install SQL Server 2014. In this blog, we would learn about fixing error “Unable to Initialize SSL Support. The client and server cannot communicate, because they do not possess a common algorithm” which might be seen in SQL Server ERRORLOG and can cause SQL startup failures.
Here is the relevant information from ERRORLOG which would help you in comparing error numbers, hex codes etc. to make sure that the solution given in the blog works for you.
The server could not load the certificate it needs to initiate an SSL connection. It returned the following error: 0x80090331. Check certificates to make sure they are valid.
Unable to initialize SSL encryption because a valid certificate could not be found, and it is not possible to create a self-signed certificate.
Error: 17182, Severity: 16, State: 1.
TDSSNIClient initialization failed with error 0x80090331, status code 0x80. Reason: Unable to initialize SSL support. The client and server cannot communicate, because they do not possess a common algorithm.
Error: 17182, Severity: 16, State: 1.
TDSSNIClient initialization failed with error 0x80090331, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. The client and server cannot communicate, because they do not possess a common algorithm.
Error: 17826, Severity: 18, State: 3.
Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
Error: 17120, Severity: 16, State: 1.
SQL Server could not spawn FRunCommunicationsManager thread. Check the SQL Server error log and the Windows event logs for information about possible related problems
During my discussion with another client, I had a discussion about TLS and possible errors. One of the errors which I remembered was “The client and server cannot communicate, because they do not possess a common algorithm.” Here is the article from Microsoft about SQL Server support for TLS.
TLS 1.2 support for Microsoft SQL Server
WORKAROUND/SOLUTION
Since we know that this is due to the version of SQL which doesn’t s support TLS 1.2.
- Disabled TLS 1.2 and Enabled TLS 1.0 and TLS 1.1
- Reboot the server.
- If error came during installation, then uninstall SQL Server.
- Reinstall SQL Server and it should start as TLS 1.2 is disabled.
- Applied patch (refer link above) that is necessary to support TLS1.2
- Enabled TLS1.2 again and disabled TLS1.0 and TLS 1.1.
- Reboot once again.
- Test connectivity to the SQL Server.
Here is the registry key which is for TLS 1.0. The same key and values are applicable for other TLS keys also like TLS 1.0, TLS 1.2.
Windows Registry Editor Version 5.00
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client] “Enabled”=dword:ffffffff
“DisabledByDefault”=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server] “Enabled”=dword:ffffffff
“DisabledByDefault”=dword:00000000
Hope this helps someone who is in middle of installation.
Feel free to comment and let me know if there are some other options/solutions available.
Reference: Pinal Dave (https://blog.sqlauthority.com)
First appeared on SQL SERVER – Error 17182: Unable to Initialize SSL Support. The Client and Server Cannot Communicate, Because They do Not Possess a Common Algorithm