2

I am using SSIS OData source to connect SuccessFactors source feed location. I am able to connect successfully using Basic Authentication method and am also able to preview the data in the OData source. But while executing the task it throws a runtime error as below :

[OData Source [53]] Error: Cannot acquire a managed connection from the run-time connection manager.

Is this got to do with the SuccessFactor OData source version? Please advise. Also I am able to connect to sample Northwind database using OData source and load it successfully in my SQL Server table.

Hadi
  • 36,233
  • 13
  • 65
  • 124
Khalique Ansari
  • 29
  • 2

1 Answers1

3

I had the exact same issue Khalique and it was not a problem with SuccessFactors per se. They have taken a step which is a good one for security in disabling SSL and TLS v1.0. They only accept TLS v1.1 and TLS v1.2. While the browser, and it appears previewing data in SSIS must auto-negotiate the protocols for HTTPS connections, SSIS does not appear to do this at runtime.

There was not much information available on the web but this article helped me solve it.

https://learn.microsoft.com/en-us/sql/analytics-platform-system/configure-tls12-aps?view=aps-pdw-2016-au7

There were articles I found that mentioned adding these 2 keys but I was still facing the issue even after reboot.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

It was only when I added the others and rebooted that everything started working.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

Notice that in the above I deviated from the article as I was only interested in changing the supported client protocols and not server protocols. I also added SSL 3.0 because after first only disabling TLS 1.0, a Fiddler trace showed that the connection was being attempted using SSL 3.0. I added SSL 2.0 for good measure.

This is what a full .reg file looks like, which you can save locally as a .reg and double-click to install. Then reboot. I took a backup of my registry first before doing this and I recommend you do the same.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
Adam Rene
  • 41
  • 2