Sunday, March 11, 2012

Connection handshake failed.

Hi.

I created two instances of SQL Server Dev Edition on the same machine.

The two instances acted as the sender / receiver.

However, when the message is transmitted from "Sender" to "Receiver", the following error is
displayed in "SQL Profiler".

「Connection handshake failed. There is no compatible authentication protocol. State 21.」

How should this be dealt with?
Best regards.

piknik

Seems like there is a problem with how you've set up your endpoints. Could you paste the script which you used for creating the endpoints? If you don't have that, could you paste the results from this query run on both instances?

select * from sys.service_broker_endpoints

|||

One machine is configured to use CERTIFICATE authentication, the other is configured to use WINDOWS (or one is configured to use WINDOWS KERBEROS and the other WINDOWS NTLM).

Configure the endpoints to have at least one compatible authentication protocol and it will work.

HTH,
~ Remus
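
One way to check for the mismatch described in this reply, as an added example that is not part of the original thread: run the query on both instances and compare the connection_auth_desc values. ServerEndpoint, TransportCert1 and TransportCert2 are names from the script posted in this thread; ReceiverEndpoint is a hypothetical name for the other instance's endpoint, and its use of TransportCert2 is an assumption.

```sql
-- Added example (not from the thread). Run on BOTH instances and compare rows.
USE master;
GO

SELECT  sbe.name                        AS endpoint_name,
        sbe.state_desc,                 -- should be STARTED
        te.port,
        sbe.connection_auth_desc,       -- NTLM, KERBEROS, NEGOTIATE, CERTIFICATE or a combination
        sbe.encryption_algorithm_desc,
        c.name                          AS endpoint_certificate,
        c.pvt_key_encryption_type_desc, -- the endpoint certificate needs a private key
        c.start_date,                   -- dates are listed so an expired or
        c.expiry_date                   -- not-yet-valid certificate can be ruled out
FROM    sys.service_broker_endpoints AS sbe
JOIN    sys.tcp_endpoints            AS te ON te.endpoint_id = sbe.endpoint_id
LEFT JOIN sys.certificates           AS c  ON c.certificate_id = sbe.certificate_id;
GO

-- Mismatch case: one side reports CERTIFICATE, the other only a Windows mode.
-- The two endpoints then have no protocol in common.

-- Option 1: switch the Windows-only side to certificate authentication.
-- ReceiverEndpoint is a hypothetical name; TransportCert2 is assumed to exist
-- in that instance's master database together with its private key.
ALTER ENDPOINT ReceiverEndpoint
    FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE TransportCert2);
GO

-- Option 2: let the certificate side also accept Windows authentication.
-- Certificate authentication is tried first, Windows is the fallback.
ALTER ENDPOINT ServerEndpoint
    FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE TransportCert1 WINDOWS NEGOTIATE);
GO
```

Apply only one of the two ALTER ENDPOINT statements, on the instance it belongs to, then re-run the query on both sides to confirm the authentication settings now overlap.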

|||

Thank you for the reply.

I used the following script.

[Sender]

USE master
GO

-- Create master key in the master database
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password62374'

-- Create the certificate for transport security
CREATE CERTIFICATE TransportCert1
FROM FILE = 'C:\Documents and Settings\ryutai\Desktop\Demo\Certs\TransportCert1.cer'
WITH PRIVATE KEY (
FILE = 'C:\Documents and Settings\ryutai\Desktop\Demo\Certs\TransportCert1.pvk',
DECRYPTION BY PASSWORD = 'password62374'
)
ACTIVE FOR BEGIN_DIALOG = ON
GO

-- Create a user in the master db to be associated with
-- the public key from the remote certificate (TransportCert2.cer)
CREATE LOGIN remcert WITH PASSWORD = 'password62374'
CREATE USER remcert FOR LOGIN remcert

-- remcert has to have connect privileges
GRANT CONNECT TO remcert

-- Install the public key from the remote cert in master
CREATE CERTIFICATE TransportCert2
AUTHORIZATION remcert
FROM FILE = 'C:\Documents and Settings\ryutai\Desktop\Demo\Certs\TransportCert2.cer'
ACTIVE FOR BEGIN_DIALOG = ON
GO

-- Switch to the user database
USE SuperMarketServer
GO

-- Create a master key
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password62374'

-- Create a certificate for dialog security
CREATE CERTIFICATE DialogCert1
FROM FILE = 'C:\Documents and Settings\ryutai\Desktop\Demo\Certs\DialogCert1.cer'
WITH PRIVATE KEY (
FILE = 'C:\Documents and Settings\ryutai\Desktop\Demo\Certs\DialogCert1.pvk',
DECRYPTION BY PASSWORD = 'password62374'
)
ACTIVE FOR BEGIN_DIALOG = ON
GO

-- Create user that holds the remote public key for the dialog security certificate
CREATE USER remcert FOR LOGIN remcert

CREATE CERTIFICATE DialogCert2
AUTHORIZATION remcert
FROM FILE = 'C:\Documents and Settings\ryutai\Desktop\Demo\Certs\DialogCert2.cer'
ACTIVE FOR BEGIN_DIALOG = ON
GO

-- Create a remote service binding associating the remcert user
-- with the remote service
CREATE REMOTE SERVICE BINDING [SellItemBinding]
TO SERVICE 'SellItemService'
WITH USER = remcert,
ANONYMOUS = Off

-- The user has to have SEND permissions
GRANT SEND ON SERVICE::[SoldItemService] TO remcert
go

-- Enable communication between instances by creating an endpoint
CREATE ENDPOINT ServerEndpoint
STATE = STARTED
AS TCP
(
LISTENER_PORT = 5024
)
FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE TransportCert1)

-- Finally grant connect permission to user used to secure the dialog
USE master
GO

GRANT CONNECT ON ENDPOINT::ServerEndpoint TO remcert
GO

SELECT * FROM sys.endpoints
--

It is set to "CERTIFICATE authentication", the same for both Sender and Receiver.

The sample script has been put here:
http://enterpriselibrary.jp/SampleDemo.zip

My Best Regards.

piknik.

