windowssslazure-pipelinesdevops

Azure Agent SSL Issue: "an existing connection was forcibly closed by the remote host"


Windows server was updated from 10 to 11. TLS certificates were updated. I've verified that its using 1.2. SSL works as well. Azure DevOps is accessible via the server.

Installing a new agent result in the same issue

attempting to restart/remove the agent via start/setup .cmd files yields no results. Give the same result SSL

System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.

---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..

---> System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host.

   --- End of inner exception stack trace ---

I was able to previously restart the agent via .cmd files but do not remember encountering the ssl issue.

I can post additional details if needed. I've explored all avenues that I could think of.

I tried reinstalling the agent and stopping the agent. I was expecting to remove the old agent and create a new connection.


Solution

  • According to the info you have shared, it seems that TLS 1.2 hasn't been configured successfully.

    You can download and run this script Azure DevOps TLS 1.2 transition readiness checker to screen for the TLS-misconfigurations / TLS-incompatibility issues and fix it based on the script’s printed mitigation advice.

    Reference: