SQL Server Service Broker has a conversation where at least one endpoint has been defined to use RC4 encryption and the server is set for Federal Information Processing Standard (FIPS) compliance mode. RC4 encryption is not supported when running in FIPS compliance mode.
The local security setting is System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing . This message is recorded in the Windows application log as MSSQLSERVER event ID 28078.
Use ALTER ENDPOINT to specify a supported algorithm.
For more information, see "ALTER ENDPOINT (Transact-SQL)" in Microsoft SQL Server 2008 Books Online.
Name | Description | Default Value |
Enabled | Enables or disables the workflow. | Yes |
Priority | Defines Alert Priority. | 1 |
Severity | Defines Alert Severity. | 2 |
Target | Microsoft.SQLServer.2008.DBEngine | ||
Category | EventCollection | ||
Enabled | True | ||
Event_ID | 28078 | ||
Event Source | $Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$ | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | Application | ||
Comment | Mom2008ID='{945A6297-4BF8-4948-9920-5489E951CF28}';MOM2008GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74} |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
_F6DA1507_12AF_11D3_AB21_00A0C98620CE_ | DataSource | Microsoft.Windows.EventProvider | Microsoft.SQLServer.SQLDefaultAccount |
GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="Microsoft.SQLServer.2008.SQL_Server_Service_Broker_cannot_use_RC4_encryption_algorithm_when_running_in_FIPS_compliance_mode_5_Rule" Target="SQL2008Core!Microsoft.SQLServer.2008.DBEngine" Enabled="true" ConfirmDelivery="true" Remotable="true" Comment="Mom2008ID='{945A6297-4BF8-4948-9920-5489E951CF28}';MOM2008GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74}">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" Comment="{F6DA1507-12AF-11D3-AB21-00A0C98620CE}" TypeID="Windows!Microsoft.Windows.EventProvider" RunAs="SQL!Microsoft.SQLServer.SQLDefaultAccount">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>28078</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>$Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertMessageId>$MPElement[Name="Microsoft.SQLServer.2008.SQL_Server_Service_Broker_cannot_use_RC4_encryption_algorithm_when_running_in_FIPS_compliance_mode_5_Rule.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>Event ID: $Data/EventDisplayNumber$. $Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue/>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>