title | description | ms.date | author | ms.author | ms.reviewer | ms.custom |
---|---|---|---|---|---|---|
Connection to the linked server fails |
This article explains about the errors that might occur if the connection to the linked server fails. |
04/18/2024 |
prmadhes-msft |
prmadhes |
jopilov, haiyingyu, mastewa, v-jayaramanp |
sap:Connection issues |
This article helps you resolve errors that occur when a connection to the linked server fails after the recent Windows Server updates are installed.
The following error messages are logged in the SQL Server error log.
TCP Provider: An existing connection was forcibly closed by the remote host.
OLE DB provider "MSOLEDBSQL" for linked server "<LinkedServerName>" returned message "Client unable to establish connection". (Microsoft SQL Server, Error: 10054)
The following screenshot shows the event ID 36874. This is a Schannel error that occurs in the Windows Event Viewer which indicates that the client and server support different sets of cipher suites which causes a failure in connection.
:::image type="content" source="media/connection-to-linked-server-failed/connection-to-linked-server-failed.png" alt-text="Screenshot that shows that multiple errors occur after the connection to the linked server fails.":::
The ciphers for the SQL Server client and server were modified after you installed Windows Server updates. As a result, there were issues with communication.
To check the cipher values on the client and server computers, follow these steps:
-
Open an administrative PowerShell session, and then run the following command on both the client and main server:
Get-ItemPropertyValue -Path HKLM:\System\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002\ -Name Functions
-
Compare the values from both computers to determine whether the ciphers differ.
To resolve the problem, follow these steps:
-
If a network trace isn't available, check the functions value in this registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002
-
Run the following PowerShell command to find the Transport Layer Security (TLS) functions:
Get-ItemPropertyValue -Path HKLM:\System\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002\ -Name Functions
-
Use the Ciphers Suites tab in the IIS Crypto tool to check whether there are any matching algorithms. If no matching algorithms are found, contact Microsoft Support.
[!INCLUDE third-party-contact-disclaimer]
An existing connection was forcibly closed by the remote host (OS error 10054)