Toad World® Forums

Connection to Toad Intelligence Central fails

Recently upgraded my copy of Toad Data Point to 5.0.7.106 (32 bit), and our two TIC servers to 5.0.6.7. After the upgrade I cannot connect to one of the TIC servers, but can connect and publish to the other. The moment I try to create a new connection to the problem TIC server I get the following error dump:

System.Net.WebException
The underlying connection was closed: An unexpected error occurred on a send.
Stack Trace:
at Quest.Toad.CloudDB.AppServer.AppServerCalls.GetTIC27ServerProperties(String httpWebRequestString, Boolean& error)
at Quest.Toad.CloudDB.AppServer.AppServerCalls.GetTIC27ServerProperties(IConnectMediator mediator, Boolean& error)
at Quest.Toad.CloudDB.AppServer.NewUserSettingsControlMonitor.MonitorNewUserSettingsControlMonitor()

System.IO.IOException
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
Stack Trace:
   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.TlsStream.CallProcessAuthentication(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
   at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.ConnectStream.WriteHeaders(Boolean async)

    System.Net.Sockets.SocketException
    An existing connection was forcibly closed by the remote host
    Stack Trace:
       at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

I am using Window authentication and trying to connect on default port 8066. I verified connectivity, I can telnet to the server on that port. I can also interact with the problem server via the TIC web interface.

Had someone check, it appears that the server I can connect to has TLS 1.0 available, but the server I cannot connect to only has TLS 1.1 and 1.2 running. How can I force TDP 5.0 to use TLS 1.2 when connecting to Toad Intelligence Central? I do not see any way to force that through the app, is there a XML config file I can adjust?

hi, please refer to https://www.kapilarya.com/how-to-configure-tls-settings-in-windows-10 to add configuration for TLS 1.1 and TLS 1.2 in your machine's Registry table.
Only focus on

WAY 2 – Via Registry

and ignore

WAY 1 – Via Internet Properties

Please remember to reboot the machine once you have added the entry.
Please let me know if it is still not work.

Thanks for the tip. My local machine is Windows 7, so the registry locations are a bit different, but the solution worked. Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols I added TLS 1.1\Client and TLS 1.2\Client keys and inside the Client keys added the DWORD value DisabledByDefault with data 0. Rebooted my machine and bingo, I could once again connect to our prod server.

Again, thanks for the info. See https://support.microsoft.com/en-us/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protoc and https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi for more on the subject.