FIX: Rolling upgrade for AlwaysOn replica fails after Cumulative Update 1 for SQL Server 2016 is installed

Applies to: SQL Server 2016 DeveloperSQL Server 2016 EnterpriseSQL Server 2016 Enterprise Core

Symptoms


Cumulative Update 1 for SQL Server 2016 adds FIPS-compliant support by enabling the Service Broker Usage Control Service (UCS) to use SHA256 algorithm instead of the obsolete SHA1 algorithm. Because of this, after you install SQL Server 2016 CU1 and perform a rolling upgrade for an AlwaysOn availability group replica or a database mirroring instance, the operation may fail.

Resolution


The fix for this issue is included in the following cumulative update for SQL Server:


Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


Learn about the terminology  that Microsoft uses to describe software updates.