2014-10-28

We have been hardening our servers for some time now, and recently we disabled SSL 3.0 because of the POODLE attack. When I did this on one of our test servers, SQL Server failed to start up after the restart.

I have been able to reproduce this on Windows Server 2012 and Windows 7 by disabling TLS 1.0 and SSL 3.0 through the registry. I am using SQL Server 2012 on the server machine. On my Windows 7 machine, SQL Server 2012 and SQL Server 2005 will not start with those disabled.

These are the event log errors I get:

Application Logs:

(28/10/2014 8:38:54 AM) SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

(28/10/2014 8:38:54 AM) Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

(28/10/2014 8:38:54 AM) TDSSNIClient initialization failed with error 0x80090331, status code 0x1.

(28/10/2014 8:38:54 AM) TDSSNIClient initialization failed with error 0x80090331, status code 0x80.

System Logs:

(28/10/2014 8:38:54 AM) The SQL Server (MSSQLSERVER) service terminated with service-specific error %%-2146893007.

(28/10/2014 8:38:54 AM) A fatal error occurred while creating an SSL server credential. The internal error state is 10013.

Does anyone know how we can keep SSL 3.0 and TLS 1.0 disabled and get SQL Server to start?
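An added example, not part of the original post: a Python sketch that decodes the error codes in the events quoted above. It shows that the service-specific error `%%-2146893007` is the same HRESULT as `0x80090331`, which `winerror.h` names `SEC_E_ALGORITHM_MISMATCH`. The function names are illustrative.

```python
import re

# Well-known SSPI/Schannel HRESULTs (values from winerror.h).
SSPI_ERRORS = {
    0x80090304: "SEC_E_INTERNAL_ERROR",
    0x8009030E: "SEC_E_NO_CREDENTIALS",
    0x80090326: "SEC_E_ILLEGAL_MESSAGE",
    0x80090331: "SEC_E_ALGORITHM_MISMATCH",  # no common protocol/algorithm
}

# Event text copied from the post above (timestamps dropped).
EVENTS = [
    "TDSSNIClient initialization failed with error 0x80090331, status code 0x1.",
    "TDSSNIClient initialization failed with error 0x80090331, status code 0x80.",
    "The SQL Server (MSSQLSERVER) service terminated with service-specific error %%-2146893007.",
    "A fatal error occurred while creating an SSL server credential. The internal error state is 10013.",
]

HEX_RE = re.compile(r"\berror (0x[0-9A-Fa-f]{8})\b")
SVC_RE = re.compile(r"service-specific error %%(-?\d+)")

def to_hresult(value):
    """Reinterpret a signed 32-bit integer as an unsigned HRESULT."""
    return value & 0xFFFFFFFF

def extract_codes(line):
    """Return every HRESULT found in one event message."""
    codes = [int(m, 16) for m in HEX_RE.findall(line)]
    codes += [to_hresult(int(m)) for m in SVC_RE.findall(line)]
    return codes

def triage(events):
    """Map each distinct HRESULT to its name and the number of events carrying it."""
    summary = {}
    for line in events:
        for code in extract_codes(line):
            name = SSPI_ERRORS.get(code, "UNKNOWN")
            entry = summary.setdefault(code, {"name": name, "events": 0})
            entry["events"] += 1
    return summary

if __name__ == "__main__":
    for code, info in triage(EVENTS).items():
        print(f"0x{code:08X} {info['name']} seen in {info['events']} event(s)")
```

The Application and System log entries collapse to one code, so the service termination and the TDSSNIClient failures are the same Schannel error reported twice.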
