exception this implementation is not part of the windows platform fips validated

Tagged: cryptography, fips, OpenSync, osconfig3, server 2016, windows

This topic contains 10 replies, has 2 voices, and was last updated by Yudel Rosales 9 months ago.

Viewing 11 posts - 1 through 11 (of 11 total)

Author
Posts
May 28, 2020 at 3:37 pm #67176

priteshpatel
Participant
We are receiving this OSConfig3 error exception this implementation is not part of the windows platform fips validated cryptographic algorithms. We previously had this error “[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.”, and we remediated that by Enabling the FIPS compliant encryption algorithm under system cryptography. As suggested I followed the same:
a. In Control Panel, click Administrative Tools, and then double-click Local Security Policy.
b. In Local Security Settings, expand Local Policies, and then click Security Options.
c. Under Policy in the right pane, select System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.
e. Double Click to open the option and then click Enabled.
f. Restart the machine for the policies to take effect.
Which brought me to the error in the title above.
We are using Quickbooks 2019 on Windows Server 2016 Standard. OpenSync 3.0.28 then proceeds to ask us for a key (I’m using the trial version right now), which I don’t have, so am forced to hit Cancel, which closes the application.
I’m thinking this is related to the end of TLS 1.0 and 1.1 in Microsoft operating systems.
Thank you for your help.
May 28, 2020 at 3:48 pm #67177

priteshpatel
Participant
So to clarify. When we don’t have FIPS enabled we get the Failed: [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.:-2147467259 error. When we have FIPS enabled we get the “OSConfig3 error exception this implementation is not part of the windows platform fips validated cryptographic algorithms” error.
May 28, 2020 at 3:53 pm #67179

Yudel Rosales
Keymaster
Can you post a screenshot, please?
May 28, 2020 at 5:01 pm #67186

priteshpatel
Participant
Screenshots attached in both scenarios with and without FIPS enabled.
Attachments:
You must be logged in to view attached files.
May 29, 2020 at 9:55 am #67194

Yudel Rosales
Keymaster
Can you give your order number, please? So, I can see what is happening in our end.
May 29, 2020 at 9:57 am #67195

priteshpatel
Participant
I haven’t ordered yet. I’m trialing the software before purchase. We already have one license (on a different account) for another server, and we will be replacing that server with this new one, but I obviously need to get this environment working before I can decommission the old one.
May 29, 2020 at 10:00 am #67196

Yudel Rosales
Keymaster
Are you willing to do a remote session? to see what is happening
May 29, 2020 at 10:04 am #67197

priteshpatel
Participant
Yes we can. Send me an email at the email on file in my profile and we can schedule a time.
May 29, 2020 at 2:30 pm #67199

priteshpatel
Participant
This reply has been marked as private.
June 4, 2020 at 10:37 am #67228

priteshpatel
Participant
A call was held with Yudel and we determined the server didn’t support TLS1.0 which was needed for OpenSync to work. Using this software https://www.nartac.com/Products/IISCrypto/ we enabled the TLS1.0 for the client and server protocols and that got this working after a reboot. Thank You to Yodel for the assistance.
June 4, 2020 at 6:25 pm #67230

Yudel Rosales
Keymaster
Thanks for sharing this for all here. I appreciate it.
Author
Posts

Viewing 11 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic.

OpenSync

Attachments: