Submit a ticketCall us

WebinarUpcoming Webinar: Know What’s Changed – with NEW Server Configuration Monitor

Change management in IT is critical. But, even with a good change management process, changes are too often not correctly tracked, if at all. The configuration of your servers and applications is a key factor in their performance, availability, and security. Many incidents can be tracked back to an authorized (and sometimes unauthorized) configuration change, whether to a system file, configuration file, or Windows® Registry entry. Join SolarWinds VP of product management Brandon Shopp to discover how the new SolarWinds® Server Configuration Monitor is designed to help you.

Register now.

Home > Success Center > Network Performance Monitor (NPM) > Additional Web server installation error: Invalid Credentials

Additional Web server installation error: Invalid Credentials

Updated April 10, 2017


The following error occurs in the SolarWinds Orion Compatibility Check window when installing an additional web server: 

Invalid Credentials


The Orion admin account can log in to the web console.


The additional web server CompatibilityPreInstaller.log file in c:\ProgramData\Solarwinds\Logs\Orion\ shows the following:


2017-03-23 07:59:22,212 [6] ERROR SolarWinds.Orion.Core.Common.ChannelProxy`1 - Factory failed to create Channel: System.ServiceModel.Security.SecurityNegotiationException: A call to SSPI failed, see inner exception. ---> System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm
   --- End of inner exception stack trace ---
   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
   at System.ServiceModel.Channels.SslStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
   --- End of inner exception stack trace ---


The error in CompatibilityPreInstaller.log occurred after installing .NET 4.6 on the additional web server: 


2017-03-30 09:00:08,555 [6] DEBUG SolarWinds.InformationService.Contract2.InfoServiceProxy - Creating channel factory for Information Service @ net.tcp://ORIONHOSTNAME:17777/SolarWinds/InformationService/v3/Orion/ssl
2017-03-30 09:00:09,930 [6] ERROR SolarWinds.InformationService.Contract2.InfoServiceProxy - An error occured opening a connection to the orion communication service.System.ServiceModel.CommunicationException: The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '00:10:00'. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
   at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
   --- End of inner exception stack trace ---


NPM 12.1 



The error is caused when the cipher and hash functions do not match.

Note: TLS 1.2 must be disabled according to NPM 12.1 Release Notes.


  1. Download the IIS Crypto tool  (© 2017 Nartac SoftWare, available at, obtained April 10, 2017).
  2. Run the IIS Crypto tool on both the main and additional web servers.
  3. Uncheck TLS 1.1 and TLS 1.2. 
  4. Select TLS 1.0 
  5. On the Additional Web server, select the following ciphers and hashes using the IIS Crypto tool, and then click Apply.

    Ciphers: RC4 128/128, AES 128/128, AES 256/256

    Hashes: MD5, SHA, SHA 256, SHA 384, SHA 512

  6. Reboot both the main and additional web servers.
  7. Reinstall the additional web server using an Orion administrator account, not a domain account. 



Screenshot property of © 2017 Nartac Software.


Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.



Last modified