Our Nessus results recommended to disable TLS 1.0 on our Windows Server 2012 R2 standard server. However once we disable TLS 1.0 (using Registry Editor) and enable TLS 1.1 and 1.2 on the server, the Microsoft SQL Sever 2014 Express Advanced SP2 (version 12.2.5000.0) fails to start. When we try to start the SQL Server, we see this error: “Windows could not start SQL Server (SQLEXPRESS) on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code 5023.” The System Event Log has the this error: "A fatal error occurred while creating an SSL client credential. The internal error state is 10013." After enabling TLS 1.0 (using Registry Editor), the SQL Server (SQLEXPRESS) can start.

TDSSNIClient initialization failed with error 0x139f, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. The group or resource is not in the correct state to perform the requested operation. I can see similar error documented in this tls-1-2-support-for-sql-server-2008-2008-r2-2012-and-2014 The solution mentioned is The above errors are reported because the SQL Server client driver fixes were not applied on the server. Please refer KB3135244 and apply the applicable client driver fixes on the server. In the KB link go to Client component downloads and download and install the respective client component you are using and then I guess it should work. PS: I strongly suggest you to upgrade to SQL Server 2014 SP3 and above, the issue seems more related to internal MS problem and SP should solve this

Hi @Matrix2020 , Are there any other different version of SQL Server instances on your machine? According this old thread , , this issue may be caused by another instance of SQL Server with a lower version (SQL Server 2008, 2012) on the machine. And please make sure you have installed .NET framework version 3.5 SP1 , or make sure your system is fully up to date via Windows Update. Best Regards, Amelia If the answer is helpful, please click "Accept Answer" and upvote it. Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Microsoft SQL Sever 2014 Express Advanced SP2 (version 12.2.5000.0) fails to start after TLS 1.0 is disabled.

Accepted answer

Shashank Singh 6,246 Reputation points

2020-12-14T09:09:16.223+00:00

TDSSNIClient initialization failed with error 0x139f, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. The group or resource is not in the correct state to perform the requested operation.

I can see similar error documented in this tls-1-2-support-for-sql-server-2008-2008-r2-2012-and-2014 The solution mentioned is

The above errors are reported because the SQL Server client driver fixes were not applied on the server. Please refer KB3135244 and apply the applicable client driver fixes on the server. In the KB link go to Client component downloads and download and install the respective client component you are using and then I guess it should work.

PS: I strongly suggest you to upgrade to SQL Server 2014 SP3 and above, the issue seems more related to internal MS problem and SP should solve this
Please sign in to rate this answer.
Matrix2020 26 Reputation points

2020-12-14T09:33:32.363+00:00

Thanks Shashank-Singh,

I am going to upgrade to SQL Server 2014 SP3 to see if this helps. It will finish this Wed, and I will update then. Thanks again.

Shashank Singh 6,246 Reputation points

2020-12-14T09:58:36.04+00:00

Thanks also like I mentioned in my answer download client component update from the KB link and upgrade your client please, that is what as per article should fix things

Matrix2020 26 Reputation points

2020-12-15T02:50:50.793+00:00

Hi Shashank-Singh,

Thanks again. I downloaded and installed SQL Server Native Client 11.0 for SQL Server 2012/2014 (x86/x64) (without restarting the server that is only allowed in maintenance window), and the issue still remains.

when trying to start the sql server, I see these errors in System Logs:
The SQL Server (SQLEXPRESS) service terminated with the following service-specific error:
The group or resource is not in the correct state to perform the requested operation.

A fatal error occurred while creating an SSL client credential. The internal error state is 10013.

Matrix2020 26 Reputation points

2020-12-15T02:52:33.527+00:00

also these errors in Application Logs:
The server was unable to initialize encryption because of a problem with a security library. The security library may be missing. Verify that security.dll exists on the system.

TDSSNIClient initialization failed with error 0x139f, status code 0x80. Reason: Unable to initialize SSL support. The group or resource is not in the correct state to perform the requested operation.

TDSSNIClient initialization failed with error 0x139f, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. The group or resource is not in the correct state to perform the requested operation.

Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

Matrix2020 26 Reputation points

2020-12-15T02:52:43.357+00:00

SQL Server could not spawn FRunCommunicationsManager thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

Ben Miller (DBAduck) 951 Reputation points

2020-12-15T05:32:02.51+00:00

You also need to ensure that the Windows Server is updated as well. There is an update in .NET 3.5 that needs to be there to use TLS 1.1,1.2.

Matrix2020 26 Reputation points

2020-12-16T01:33:19.01+00:00

Thanks Shashank-Singh and Ben-Miller-DBAduck,

The issue resolved after these steps as advised by you:

downloaded and installed SQL Server Native Client 11.0 for SQL Server 2012/2014 (x86/x64)

updated Windows Server which included updates for .NET Framework 3.5, 4.5.2 etc. as shown in update history

rebooted the server.

Ben Miller (DBAduck) 951 Reputation points

2020-12-16T02:17:05.933+00:00

Excellent to hear. Glad you got it sorted.
Sign in to comment

Microsoft SQL Sever 2014 Express Advanced SP2 (version 12.2.5000.0) fails to start after TLS 1.0 is disabled.

1 additional answer