question

Ashwan1234 avatar image
0 Votes"
Ashwan1234 asked Yufeishao-msft commented

SSL enabled database mails in error

Hi am trying enable the SSL as bellow in SQL server 2016 sp2 EE database mails . How ever when I enabled emails will not delivered. When disabled emails are working fine. .net framwork install 4 and above. Any one has experience is and any resolution ?
139084-capture.png


sql-server-general
capture.png (38.4 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Could you please validate all the answers so far and provide any update?
If all of them are not working or helpful, please provide more sample data or details about your issue.
Please remember to accept the answers if they helped. Your action would be helpful to other users who encounter the same issue and read this thread.

0 Votes 0 ·
Yufeishao-msft avatar image
0 Votes"
Yufeishao-msft answered

Hi @Ashwan1234

What are the error you get? Please check your error log.
Your question may have something to do with TLS. I found a similar case and discussion by others: https://dba.stackexchange.com/questions/213608/enable-tls-1-2-for-sql-server-2016-database-mail
Perhaps the 2 new registry settings here can fix your problem:

 Windows Registry Editor Version 5.00
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
 "SchUseStrongCrypto"=dword:00000001
     
 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
 "SchUseStrongCrypto"=dword:00000001 


And if you enable TLS 1.2 for SQL Server communication, the following registry you should set correctly:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2] 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001  

https://support.microsoft.com/en-us/topic/kb3135244-tls-1-2-support-for-microsoft-sql-server-e4472ef8-90a9-13c1-e4d8-44aad198cdbe



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Ashwan1234 avatar image
0 Votes"
Ashwan1234 answered Yufeishao-msft commented

hi Yufeishao-msft
Thank you for the valued comment
In my server has no entries related to "SchUseStrongCrypto"=dword:00000001/ "SchUseStrongCrypto"=dword:00000001 . is that good to edit regedit ?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

yes, you can


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

0 Votes 0 ·