We are receiving this OSConfig3 error exception this implementation is not part of the windows platform fips validated cryptographic algorithms. We previously had this error “[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.”, and we remediated that by Enabling the FIPS compliant encryption algorithm under system cryptography. As suggested I followed the same:
a. In Control Panel, click Administrative Tools, and then double-click Local Security Policy.
b. In Local Security Settings, expand Local Policies, and then click Security Options.
c. Under Policy in the right pane, select System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.
e. Double Click to open the option and then click Enabled.
f. Restart the machine for the policies to take effect.
Which brought me to the error in the title above.
We are using Quickbooks 2019 on Windows Server 2016 Standard. OpenSync 3.0.28 then proceeds to ask us for a key (I’m using the trial version right now), which I don’t have, so am forced to hit Cancel, which closes the application.
I’m thinking this is related to the end of TLS 1.0 and 1.1 in Microsoft operating systems.
Thank you for your help.
So to clarify. When we don’t have FIPS enabled we get the Failed: [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.:-2147467259 error. When we have FIPS enabled we get the “OSConfig3 error exception this implementation is not part of the windows platform fips validated cryptographic algorithms” error.
Can you post a screenshot, please?
Screenshots attached in both scenarios with and without FIPS enabled.
Can you give your order number, please? So, I can see what is happening in our end.
I haven’t ordered yet. I’m trialing the software before purchase. We already have one license (on a different account) for another server, and we will be replacing that server with this new one, but I obviously need to get this environment working before I can decommission the old one.
Are you willing to do a remote session? to see what is happening
Yes we can. Send me an email at the email on file in my profile and we can schedule a time.
A call was held with Yudel and we determined the server didn’t support TLS1.0 which was needed for OpenSync to work. Using this software https://www.nartac.com/Products/IISCrypto/ we enabled the TLS1.0 for the client and server protocols and that got this working after a reboot. Thank You to Yodel for the assistance.
Thanks for sharing this for all here. I appreciate it.
You must be logged in to reply to this topic.