Fix SQL Cluster Encryption Error TDSSNIClient initialization failed with error 0xd, status code 0x38

>, Tech Tips>Fix SQL Cluster Encryption Error TDSSNIClient initialization failed with error 0xd, status code 0x38

For general instructions on how to Force Encryption on a SQL Server Instance, follow Microsoft KB Artcile How to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console. This article also explains how to enable encryption on a SQL cluster. While trying to Force Encryption on a SQL cluster after following this article, I ran into the following errors in the Event Log:

2013-07-21 14:06:11.54 spid19s Error: 17182, Severity: 16, State: 1.

2013-07-21 14:06:11.54 spid19s TDSSNIClient initialization failed with error 0xd, status code 0x38. Reason: An error occurred while obtaining or using the certificate for SSL. Check settings in Configuration Manager. The data is invalid.

2013-07-21 14:06:11.54 spid19s Error: 17182, Severity: 16, State: 1.

2013-07-21 14:06:11.54 spid19s TDSSNIClient initialization failed with error 0xd, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. The data is invalid.

2013-07-21 14:06:11.54 spid19s Error: 17826, Severity: 18, State: 3.

2013-07-21 14:06:11.54 spid19s Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

2013-07-21 14:06:11.54 spid19s Error: 17120, Severity: 16, State: 1.

2013-07-21 14:06:11.54 spid19s SQL Server could not spawn FRunCommunicationsManager thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

I made sure the certificate was installed correctly and the thumbprint was copied correctly into the registry key. After copying the thumbprint to a text file, I got a Unicode to ANSI conversion warning when I tried to save the file in txt like the image above.

This is expected, since the default format for Notepad is ANSI. I went ahead and clicked OK. When I reopened the file, I saw a “?” at the beginning, which basically meant that there was a Unicode character at the beginning of the string. I followed these steps to resolve the issue:

  • Eliminated the Unicode character from the thumbprint
  • Converted all the alphabetical characters in the thumbprint to Caps.
  • Eliminated the spaces from the thumbprint
  • Saved this thumbprint to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10.CLUSTEST\MSSQLServer\Certificate key.

After making the above changes, I rebooted the server and the instance started okay with Force Encryption enabled and no errors in the Event Log.

Leave a Comment