Tags: windows, ssl, sql-server-2005, database-connection, windows-server-2003

SQL Server - connection forcibly closed during login process


The scenario is as follows:

Connection from Windows Server 2003 to SQL Server 2005 works smoothly. Now a new Windows 2012 server, which hosts the same .NET web application, is unable to connect to the same SQL Server database; it fails with the following error:

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider,error: 0 - An existing connection was forcibly closed by the remote host.)]

As it is working fine from Windows 2003, I guess the issue could be one of these:

  1. Backward compatibility issue, as the new box is Windows 2012 instead of Windows 2003.

  2. Network connectivity issue. However, I can confirm the network path is fine, as I can telnet to port 1433 from the web server to the database server, and also part of the error message is

    A connection was successfully established with the server

Any help would be appreciated.


Solution

  • You need to install this hotfix for Windows Server 2003. It adds the TLS_RSA_WITH_AES_128_CBC_SHA (AES128-SHA) and TLS_RSA_WITH_AES_256_CBC_SHA (AES256-SHA) cipher suites to Windows Server 2003.

    Without these 2 cipher suites added to Windows Server 2003, anything from Windows Server 2008 R2 and above will not be able to create an SSL connection to Windows Server 2003. This includes SQL Server connections, and any other connections that rely on SSL.

    Why? Because Windows Server 2008 R2 and above have no ciphers that match what Windows Server 2003 has (the old ciphers have all been removed from newer OSes for security reasons); therefore Windows Server 2003 drops the connection because there's no matching cipher available.

    Microsoft Hotfix for Windows Server 2003: https://support.microsoft.com/en-us/help/948963
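
To confirm a cipher mismatch like the one described in the answer, you can read the offered suites out of the client's TLS ClientHello from a packet capture and compare them with what the server enables. The following is an added example, not part of the original answer: it assumes a raw TLS record with any TDS framing already stripped, and the ClientHello bytes and both server suite lists are constructed sample data.

```python
import struct

# IANA code points: the two suites the hotfix adds, plus older RSA suites.
SUITE_NAMES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}

def offered_suites(record: bytes) -> list[int]:
    """Return the cipher suite code points offered in one TLS ClientHello record."""
    try:
        if record[0] != 0x16:                        # 0x16 = handshake record
            raise ValueError("not a TLS handshake record")
        (rec_len,) = struct.unpack("!H", record[3:5])
        body = record[5:5 + rec_len]
        if len(body) != rec_len or body[0] != 0x01:  # 0x01 = ClientHello
            raise ValueError("truncated record or not a ClientHello")
        pos = 4 + 2 + 32          # handshake header, client_version, random
        pos += 1 + body[pos]      # skip session_id
        (n,) = struct.unpack("!H", body[pos:pos + 2])
        raw = body[pos + 2:pos + 2 + n]
        if n % 2 or len(raw) != n:
            raise ValueError("bad cipher_suites length")
    except (IndexError, struct.error) as exc:
        raise ValueError("malformed ClientHello") from exc
    return [int.from_bytes(raw[i:i + 2], "big") for i in range(0, n, 2)]

def common_suites(record: bytes, server_enabled: set[int]) -> list[str]:
    """Names of offered suites the server also enables; empty means no handshake."""
    return [SUITE_NAMES.get(s, f"0x{s:04X}")
            for s in offered_suites(record) if s in server_enabled]

def build_hello(suites: list[int]) -> bytes:
    """Build a minimal ClientHello record (constructed sample input)."""
    ids = b"".join(struct.pack("!H", s) for s in suites)
    body = b"\x03\x01" + bytes(32) + b"\x00" + struct.pack("!H", len(ids)) + ids + b"\x01\x00"
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

# Constructed scenario following the answer: the newer client offers only AES suites.
CLIENT_HELLO = build_hello([0x002F, 0x0035])
SERVER_BEFORE_HOTFIX = {0x0004, 0x0005, 0x000A}   # constructed list
SERVER_AFTER_HOTFIX = SERVER_BEFORE_HOTFIX | {0x002F, 0x0035}

if __name__ == "__main__":
    print("before hotfix:", common_suites(CLIENT_HELLO, SERVER_BEFORE_HOTFIX))
    print("after hotfix: ", common_suites(CLIENT_HELLO, SERVER_AFTER_HOTFIX))
```

An empty overlap is the condition under which the peer closes the connection during the handshake, which the SQL client reports as the "SSL Provider" error quoted in the question.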