Reputation: 4035
All self-hosted agents cannot connect to devops site
All of our self-hosted agents cannot connect to DevOps this morning, they are failing with:
...
[2022-01-31 23:38:04Z ERR VisualStudioServices] Attempt 4 of GET request to https://dev.azure.com/xxxxxxxxxx/_apis/connectionData?connectOptions=1&lastChangeId=123456789&lastChangeId64=123456789 failed (Socket Error: ConnectionReset). The maximum number of attempts has been reached.
[2022-01-31 23:38:04Z INFO VisualStudioServices] Finished operation Location.GetConnectionData
[2022-01-31 23:38:04Z INFO AgentServer] Catch exception during connect. 2 attempt left.
[2022-01-31 23:38:04Z ERR AgentServer] System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
---> System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host.
--- End of inner exception stack trace ---
Attempting to uninstall the agent gives me the same error. Attempting to install a new agent in a different folder gives me the same error.
- Agent versions are 2.193 and 2.194
- All servers are Win2012, and are hosted in our own non-Azure location
- The URL in the error message can be accessed successfully from a browser on the server
- executing
run.cmd --diagnosticsin the agent folder shows no errors/issues
Anything I'm missing to check?
Upvotes: 1
Views: 2948
Answers (1)
Reputation: 30362
This should be caused by TLS1.2.
Azure DevOps services will no longer accept connections coming over TLS 1.0 / TLS 1.1 and require TLS 1.2 at a minimum from January 31, 2022. This applies to all HTTPS connections to Azure DevOps Services including web API, and git connections to https://dev.azure.com/orgname and https://orgname.visualsdtudio.com/.
Please see Deprecating weak cryptographic standards (TLS 1.0 and TLS 1.1) in Azure DevOps for details.
So, please make sure the machine is using TLS 1.2 protocol or higher. Check https://aka.ms/enableTlsv2 for more information on how to enable TLS in your machine.
You can refer to this document to enable TLS 1.2:https://learn.microsoft.com/en-us/configmgr/core/plan-design/security/enable-tls-1-2
Upvotes: 3
Related Questions
- Azure DevOps agent configuration successfully connects to the server, but then fails with "Error VS30063: You are not authorized to access..."
- Setting up Self Hosted Agent on Windows machine : WRITE ERROR: An error occurred: Not configured
- Self-hosted build agent cannot connect to Azure DevOps Services, SSL connection could not be established
- Azure DevOps deployment agent can't connect due to SSL issues
- Self-Hosted Devops agent - Config launching error
- Azure Devops Self hosted Agent Docker Container Connectivity Issues
- Azure DevOps Services - self hosted agents have gone Offline
- Azure DevOps Self hosted agent error connectivity issues
- Self Hosted Agent not showing up under Agent pool dropdown
- Azure Devops azure pipelines agents TCP connection failing