Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article helps you resolve errors that occur when a connection to the linked server fails after the recent Windows Server updates are installed.
Symptoms
The following error messages are logged in the SQL Server error log.
TCP Provider: An existing connection was forcibly closed by the remote host.
OLE DB provider "MSOLEDBSQL" for linked server "<LinkedServerName>" returned message "Client unable to establish connection". (Microsoft SQL Server, Error: 10054)
The following screenshot shows the event ID 36874. This is a Schannel error that occurs in the Windows Event Viewer which indicates that the client and server support different sets of cipher suites which causes a failure in connection.
Cause
The ciphers for the SQL Server client and server were modified after you installed Windows Server updates. As a result, there were issues with communication.
How to check cipher values
To check the cipher values on the client and server computers, follow these steps:
Open an administrative PowerShell session, and then run the following command on both the client and main server:
Get-ItemPropertyValue -Path HKLM:\System\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002\ -Name FunctionsCompare the values from both computers to determine whether the ciphers differ.
Resolution
To resolve the problem, follow these steps:
If a network trace isn't available, check the functions value in this registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002Run the following PowerShell command to find the Transport Layer Security (TLS) functions:
Get-ItemPropertyValue -Path HKLM:\System\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002\ -Name FunctionsUse the Ciphers Suites tab in the IIS Crypto tool to check whether there are any matching algorithms. If no matching algorithms are found, contact Microsoft Support.
Third-party contact disclaimer
Microsoft provides third-party contact information to help you find additional information about this topic. This contact information may change without notice. Microsoft does not guarantee the accuracy of third-party contact information.
See also
An existing connection was forcibly closed by the remote host (OS error 10054)