FIX: SQL Server 2014 or 2016 Backup to Microsoft Azure Blob storage service URL isn't compatible for TLS 1.2

Dotyczy: SQL Server 2014 DeveloperSQL Server 2014 EnterpriseSQL Server 2014 Enterprise Core

Symptoms


Assume that you are using Microsoft SQL Server 2014 or 2016. When you backup a database to Microsoft Azure Blob storage service URL, the operation may fail and you will receive the following error messages both at the client side and in the SQL Server error log.

SQL Server client error

SQL Server error log

<DateTime>    ======== BackupToUrl Initiated =========<DateTime> Inputs: Backup = True, PageBlob= True, URI = https://<BlobStorageServerName>.blob.core.windows.net/sqlbackup/<DB_Backup_Name.bak>, Acct= lbtesting2096, Key= 01000000D08C9DDF0115D1118C7A00C04FC297EB01000000F3A30EA07907C547B9E3238BB3ADF017000000001200000061007A007500720065006B0065007900000003660000C000000010000000B109DEECC18EA653E13877153FF49EA60000000004800000A000000010000000B42DD2A83536258EFAAEA9575CC78F8D4800000006F37FD8B781426BCD7169FB8A12F0D6157B9FCE360863F748744D3E365C2E1898B22D0232F2A72FD47D0E45703EED96AD2951B833673B3CCC15E6CBCFD92A9B5D855D2F44BBC1311400000088D1F83F223BDDBD5978798150C04363E0A7F6E1, FORMAT= False, Instance Name = MSSQLSERVER, DBName = <DB_Name> LogPath = C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Log<DateTime>    Process Id: 3668<DateTime>     Time for Initialization = 202.7451 ms<DateTime>    BackupToUrl Client is getting configuration from SqlServr<DateTime>    Time for Handshake and VDI config = 31.2507 ms<DateTime>    Time for Get BlobRef = 15.6263 ms<DateTime>    Time for - EXCEPTION Get Fetchattributes = 45364.4979 ms<DateTime>    An exception occurred during communication with Azure Storage, exception information follows<DateTime>    Exception Info: The underlying connection was closed: An unexpected error occurred on a receive.<DateTime>    Stack:    at Microsoft.WindowsAzure.Storage.Core.Executor.Executor.ExecuteSync[T](StorageCommandBase`1 cmd, IRetryPolicy policy, OperationContext operationContext)   at BackupToUrl.Program.MainInternal(String[] args)<DateTime>    The Active queue had 1 requests until we got a clear error.

This error occurs if your client server enabled Transport Layer Security (TLS) protocol version 1.2 with the following registry.

 

Resolution


This issue is fixed in the following cumulative update for SQL Server:

Cumulative Update 7 for SQL Server 2016 RTM

Cumulative Update 4 for SQL Server 2016 SP1

Cumulative Update 5 for SQL Server 2014 SP2

 

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


Learn about the terminology that Microsoft uses to describe software updates.