Azure Pipelines local agent failing to connect with SSL error
We have an on premise server (Windows Server 2012 R2) with an Azure Pipelines agent running on it. Today (31st Jan 2022) this agent could not longer connect to our Azure DevOps organisation.
Judging by the log files, I assume this is because it is trying to connect with an older TLS version, which as of today is no longer available - https://devblogs.microsoft.com/devops/azure-devops-services-to-require-tls-1-2/
So I followed the instructions on how to make sure TLS 1.2 was enabled, and confirmed my settings in the registry editor and by running the PowerShell script suggested here - https://learn.microsoft.com/en-us/security/engineering/solving-tls1-problem#update-windows-powershell-scripts-or-related-registry-settings
All seems ok, yet it still fails to connect with the same issue. The machine has been restarted as well. If I try the URL it is requesting in the in built Internet Explorer browser, it fails, but with Chrome it succeeds, so it must still be trying to connect with TLS 1.2, but I don't know why. I've tried reinstalling the agent (with the latest build) as well but it fails on the same error. Any suggestions?
Enabling below Cyphers with IISCrypto on the server helped us fix the issue
Cipher Suites
TLS 1.2 (suites in server-preferred order)
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS 128
This from Vijay's solution
- Azure pipeline doesn't wait for function app to complete
- How to set the registry URL in a project-level .npmrc file from an environment variable in an Azure Pipeline
- Release Pipeline throws the following error: Unable to apply transformation for the given package - Changes are already present in the package
- How to run trivy image scan inside Azure DevOps
- How to disable self-hosted agent in AzureDevOps pool via command-line
- How to create Azure function App in Python without using Visual Code Studio
- Splitt git push to Azure DevOps
- Azure pipeline - Failed on Error NU1301 after upgrade Azure Function
- Passing Variable Between Stages in Azure DevOps Pipeline
- How to I checkout with recursive submodules in Azure DevOps in the same project but different repo
- Azure Self Hosted pipeline agent no longer starts when I boot my PC
- ARM deployment job in YAML
- How do I inject variables into a SQL script, in the Azure DevOps pipeline?
- Trigger on pipeline and with path filter
- How to install yarn@2 in azure devops pipeline agent
- Where to install software on azure pipeline agent?
- How do you properly deploy from Azure Artifact Feed
- In Azure Devops Yaml pipeline, how to programatically add a step to a deployment
- Azure Artifacts gives 401 error on publishing a nuget package
- Azure Function app down due to wrong routing template in http trigger binding of a functions
- Use multiple tags when creating Docker image using Spring Boot Maven Plugin
- dynamically using a Service Connection in an Azure DevOps pipeline based on the calling repository
- Creating Team Data Science Process in ADO
- Azure Devops pipeline schedule releases old releases
- Receiving the WhiteSource Task warning in the azure devops build pipeline
- Require explicit resource input in Azure pipeline
- Change Azure DevOps Parent Work Item status when all linked children work items meet certain condition?
- Moving npm packages from Azure Devops to Github
- Pull requests using the Azure DevOps plugin in JetBrains Rider
- Trouble Deploying FastAPI Project on Azure Functions or testing locally