-
Notifications
You must be signed in to change notification settings - Fork 48
0720 Advanced SSL Data Capture
NOTE: The following steps are for data capture for consistent SSL related failures. For intermittent SSL errors please reach out to Microsoft support for help.
For TLS 1.2 errors we will want to capture on the SQL Server. Open 3 Administrative command Windows: one for the authentication scripts, one for the BID trace, and one for the network trace.
The authentication scripts start and stop various SSL and authentication Logman captures and place the files in a Logs subfolder. Create a new folder and copy/paste the text from following batch files into notepad, saving in the new folder location and using .cmd for the file extension.
- Copy/paste the text from bid2etwconfig.txt into notepad, saving in the new folder location from above, using .vbs for the file extension.
- Start the Auth trace by running startauth.cmd from an Administrative command prompt.
- Configure the BID trace from an Administrative command prompt after changing to the directory created above:
CD \MS
CSCRIPT BID2ETWCONFIG.VBS CONFIG -SETUP
- Restart SQL Server.
- Start the BID trace capture:
CSCRIPT BID2ETWCONFIG.VBS START MYTRACE -m sqlserver.sni12.1 -c 0x630ff
For the -m switch, you should specify the provider used by the failing application, from the list of providers found in the bid2etwConfig.txt in the rawValues array found on line 196 there.
- Start a network trace:
NETSH TRACE START SCENARIO=NETCONNECTION CAPTURE=YES TRACEFILE=c:\ms\mycap.etl
- Stop the BID Trace:
CSCRIPT BID2ETWCONFIG.VBS STOP MYTRACE
- Stop the network trace:
NETSH TRACE STOP
- Run the stopauth.cmd file to stop the auth tracing.
NOTE: If engaging Microsoft support from this point, zip the output of the entire directory and upload to the share provided by your engineer for further review.