由于 AntiVirus,登录前握手期间发生错误?
[英]Error occurred during the pre-login handshake, due to AntiVirus?
问题描述
I need your expertise on one of my issues.
我需要你的专业知识来解决我的一个问题。 I often get an intermittent issue from our Power BI on-premises Gateway to SQL connectivity我经常从我们的 Power BI 本地网关到 SQL 连接遇到间歇性问题
Error from gateway log网关日志错误
Error: A connection was successfully established with the server, but then an error occurred during the pre-login handshake.
The difficult part here is it's very difficult to reproduce ☹️ Whenever I tried the connectivity from the gateway to SQL server, it succeeds but at some very rare case, it fails.这里困难的部分是很难重现☹️每当我尝试从网关到 SQL 服务器的连接时,它都会成功,但在一些非常罕见的情况下,它会失败。
Steps we did to find the root cause我们为找到根本原因所做的步骤
- Checked in both the gateway server and SQL server TLS 1.2 only is enabled, other versions of TLS are disabled签入网关服务器和SQL服务器仅启用TLS 1.2,禁用其他版本的TLS
- created a .udl file and tried the connectivity but got the error like [DBNETLIB] ConnectionOpen( SECCreateCredentials().] SSL Security error.创建了一个 .udl 文件并尝试了连接,但得到了类似 [DBNETLIB] ConnectionOpen( SECCreateCredentials().] SSL 安全错误的错误。
Finally, we contacted our internal support team, they told to run the network tracer.最后,我们联系了我们的内部支持团队,他们告诉我们运行网络跟踪器。 So we did.所以我们做到了。 After some long times, we had the luck to capture the error in the network tracer.很长一段时间后,我们有幸在网络跟踪器中捕获了错误。 (Below Image) (下图)
Support team told like:支持团队告诉像:
We see that client (gateway server) is sending Client hello after 14 seconds for the TLS SSL handshake, this delay is causing the connection to fail as connection needs to get established in 15 seconds.我们看到客户端(网关服务器)在 14 秒后为 TLS SSL 握手发送客户端问候,此延迟导致连接失败,因为连接需要在 15 秒内建立。 We see the same pattern, where the client is causing delay on multiple instances of the communication.我们看到了相同的模式,其中客户端在多个通信实例上造成延迟。 And such delay is generally caused by the Antivirus而这种延迟一般是由Antivirus引起的
My question:我的问题:
- Is this really the Antivirus issue?这真的是杀毒软件的问题吗? If so then why it's not happening all the times?如果是这样,那为什么它不会一直发生?
PS I know this question is already asked in SO and possible for duplicate, but my real question is this antivirus would be a possible cause for this? PS我知道这个问题已经在SO中被问到并且可能重复,但我真正的问题是这个防病毒软件可能是导致这个问题的原因吗?
1 个解决方案
解决方案1
0 已采纳 2019-11-18 09:28:41
The issue is finally resolved after so many attempts.经过多次尝试,问题终于解决了。 The below is the solution worked for us以下是为我们工作的解决方案
• Azure AD join, where the connections head to the “login.microsoft.com” and delay the connections. • Azure AD 加入,连接指向“login.microsoft.com”并延迟连接。 There are few settings from registry and GPO that needs to be performed to disable this Auto Azure WorkPlace join.要禁用此 Auto Azure WorkPlace 加入,需要执行注册表和 GPO 中的一些设置。
https://docs.microsoft.com/en-us/azure/active-directory/device-management-troubleshoot-hybrid-join-windows-current https://docs.microsoft.com/en-us/azure/active-directory/device-management-troubleshoot-hybrid-join-windows-current
It talks about restricting the server from joining AzureAD through a GPO, which resolves to:它谈到限制服务器通过 GPO 加入 AzureAD,它解析为:
HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows\\WorkplaceJoin\\ key: autoWorkplaceJoin = 0
• Connections headed to http://ctldl.windowsupdate.com , refer the below article that talks about this issue. • 连接到http://ctldl.windowsupdate.com ,请参阅下面讨论此问题的文章。
https://blogs.technet.microsoft.com/askds/2018/04/10/tls-handshake-errors-and-connection-timeouts-maybe-its-the-ctl-engine/ https://blogs.technet.microsoft.com/askds/2018/04/10/tls-handshake-errors-and-connection-timeouts-maybe-its-the-ctl-engine/
To disable it:
• Create a backup of this registry key (export and save a copy)
HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\SystemCertificates\\AuthRoot
• Then create the following DWORD registry values under the key“EnableDisallowedCertAutoUpdate”=dword:00000000 “DisableRootAutoUpdate”=dword:00000001
I hope this helps someone in the future !我希望这对未来的人有所帮助!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.