Submit a ticketCall us

Quickly Address Software Vulnerabilities
Patch Manager is an intuitive patch management software which extends the capabilities of WSUS and SCCM to not only patch Windows® servers and workstations, and Microsoft® applications, but also other 3rd-party applications which are commonly exploited by hackers. Learn more about our patch management solution.

 

Home > Success Center > Network Performance Monitor (NPM) > Web performance issues after disabling TLS 1.0

Web performance issues after disabling TLS 1.0

Updated March 11th, 2016

Overview

Web performance issues and possibly high CPU result from disabling TLS 1.0

Environment

Errors seen in the event log:

 

Error 10/12/2015 17:41 Schannel 0 hostname.domain The following fatal alert was generated: 40. The internal error state is 1205.

Error 10/12/2015 17:41 Schannel 0 hostname.domain An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

 

 

Error seen in the Information Service v3 log (C:\ProgramData\Solarwinds\InformationService\v3.0\Orion.InformationService.log):

 

ERROR SolarWinds.InformationService.Contract2.InfoServiceProxy - (null) An error occured opening a connection to the orion communication service.
System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.tcp://hostname:17777/SolarWinds/InformationService/v3/Orion/certificate that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.

Server stack trace: 
at System.ServiceModel.Channels.ConnectionUpgradeHelper.DecodeFramingFault(ClientFramingDecoder decoder, IConnection connection, Uri via, String contentType, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection connection, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

Exception rethrown at [0]: 
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at System.ServiceModel.ICommunicationObject.Open()
at SolarWinds.InformationService.Contract2.InfoServiceProxy.Open()
ERROR SolarWinds.Data.Providers.Orion.DynamicServicesHost - (null) Failed to start dynamic subscriber services. Will try again in one minute. (SolarWinds.Data.Providers.AppStack.Subscribers.ManagedEntityChangeSubscriber, SolarWinds.Data.Providers.AppStack.Subscribers.RelianceChangeSubscriber, SolarWinds.Data.Providers.AppStack.Subscribers.SchemaChangeSubscriber, SolarWinds.Data.Providers.AppStack.Subscribers.DependencyChangeSubscriber, SolarWinds.Data.Providers.AppStack.Subscribers.ContainerSnapshotChangeSubscriber, SolarWinds.Data.Providers.Orion.Containers.DataProvider.ContainerChangeSubscriber, SolarWinds.Data.Providers.Orion.Containers.LimitationSnapshotService.LimitationChangeSubscriber, SolarWinds.Data.Providers.Orion.Containers.AvailabilityService.AvailabilityServicePlugin, SolarWinds.Data.Providers.Orion.Containers.AvailabilityService.DAL.EntityHelper, SolarWinds.Data.Providers.Orion.Subscribers.CustomPropertyChangesSubscriber, SolarWinds.Data.Providers.Orion.Subscribers.LimitationChangeSubscriber, SolarWinds.Data.Providers.Orion.Subscribers.SchemaChangeSubscriber, SolarWinds.Data.Providers.Orion.Subscribers.AccountRightsChangeSubscriber): System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.tcp://hostname:17777/SolarWinds/InformationService/v3/Orion/certificate that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.

 

Cause 

Disabling TLS 1.0 prevents internal communication between Orion services.

This can be caused by either by an MS KB update or manually making this change

 

Resolution

  1. From the admin command prompt, execute all of the REG ADD commands from the section "Disabling SSL 3.0 on an IIS web server" of Protect against POODLE vulnerability on Virtualization Manager
  1. Open Orion Service Manager, and restart all Orion services.

 

 

Last modified
09:51, 2 Feb 2017

Tags

This page has no custom tags.

Classifications

Public