NetWorker: NMM SQL Server backup fails with SSL Provider: The target principal name is incorrect
Summary: The NetWorker Module for Microsoft (NMM) takes SQL Server backups and the backup fails with error: "SSL Provider: The target principal name is incorrect. Cannot log in to SQL Server Default Instance." ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
The NetWorker Module for Microsoft (NMM) takes SQL Server backups and the backup fails with error:
"SSL Provider: The target principal name is incorrect. Cannot login to SQL Server Default Instance."
Sample Logs
----------------- nsrsqlsv.log -------------- 5/26/2024 9:01:41 PM nsrsqlsv NSR info Legato Networker Server Version: NetWorker 19.9.0.2.Build.90 CLP Capacity License 5/26/2024 9:01:41 PM nsrsqlsv NSR notice Version information for C:\Program Files\EMC NetWorker\nsr\bin\nsrexecd.exe: Original file name: nsrexecd.exe Version: 19.9.0.6.Build.267 Comments: Version information for C:\Program Files\EMC NetWorker\nsr\bin\nsrsqlsv.exe: Original file name: nsrsqlsv.exe Version: 19.9.0.Build.267 (ntx64) Comments: Supporting Microsoft Volume Shadow Copy Service 153887:nsrsqlsv: Microsoft SQL server documentation provides details about the following SQL Server Provider error: 38008:nsrsqlsv: SSL Provider: The target principal name is incorrect. 153416:nsrsqlsv: (Error: -2146893022) 5/26/2024 9:01:41 PM nsrsqlsv NSR critical Cannot login to SQL Server Default Instance. Stop time: Sun May 26 21:01:41 2024 ------------- SYSTEM EVENTLOG ---------------- 05/26/2024 09:01:41 PM Error Schannel The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is “shortnameoftheserver”. The TLS connection request has failed. The attached data contains the server certificate.
Cause
The root cause of this issue is attributed to the SQL Server feature called Force Strict Encryption.
The default connection string contains - "Server=(local)", and this is failing on the problem host.
- This feature is enabled on this environment and using a third party certificate for encryption.
- The Service Principal Name list of the SQL Server includes the Fully qualified domain name (FQDN) of the SQL Server.
- The problem is that Service Principal Name list of the SQL Server is missing the short name of the SQL Server
The default connection string contains - "Server=(local)", and this is failing on the problem host.
Resolution
The permanent solution for this issue will be available in the following release of NetWorker: 19.10.0.6, 19.11.0.3 and in the main release for 19.12.
This defect will be tracked in defect ID:
[NETWORKER-104211] NMM 19.9. SQL Server scheduled backup fails with SSL Provider: The target principal name is incorrect.
This defect will be tracked in defect ID:
[NETWORKER-104211] NMM 19.9. SQL Server scheduled backup fails with SSL Provider: The target principal name is incorrect.
Article Properties
Article Number: 000225544
Article Type: Solution
Last Modified: 12 Nov 2024
Version: 4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.