Abstract: If you have an application (e.g. an IIS .NET application) which needs to talk to a SQL server, you might get the error “The client and server cannot communicate, because they do not possess a common algorithm” when you try to open a SQL connection.
The issue came up when we set up a Thycotic Secret Server on a hardened OS. TLS 1.0 was disabled on the OS for security reasons, but the Microsoft SQL server in use at the time didn't speak TLS 1.1 or TLS 1.2. So the error message:
A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 – The client and server cannot communicate, because they do not possess a common algorithm.)
came up. After TLS 1.0 was enabled on the Thycotic Server, the installation could be performed without issues. So make sure that your Microsoft SQL environment is up to date and supports TLS 1.1/1.2 before you disable TLS 1.0.
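To see which protocol versions each side is configured for before changing anything, the script below reads the SCHANNEL protocol settings from the registry. It is an added example, not part of the original article: the function name `Get-SchannelProtocolState` is hypothetical, the registry path is the standard Windows SCHANNEL location, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: report the SCHANNEL protocol settings on this host.
# Run it on the application server and on the SQL Server host, then compare.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelProtocolState {
    param(
        [string[]]$Protocols = @('SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2'),
        [string[]]$Roles     = @('Client', 'Server')
    )
    foreach ($protocol in $Protocols) {
        foreach ($role in $Roles) {
            $key    = Join-Path (Join-Path $base $protocol) $role
            $values = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

            # A missing key or value means the default of this Windows version applies.
            $state             = 'OS default'
            $disabledByDefault = $null
            if ($null -ne $values) {
                $disabledByDefault = $values.DisabledByDefault
                if ($null -ne $values.Enabled) {
                    # Enabled = 0 switches the protocol off; any non-zero value switches it on.
                    if ($values.Enabled -eq 0) { $state = 'Disabled' } else { $state = 'Enabled' }
                }
            }

            [pscustomobject]@{
                Protocol          = $protocol
                Role              = $role
                State             = $state
                DisabledByDefault = $disabledByDefault
            }
        }
    }
}

$report = Get-SchannelProtocolState
$report | Format-Table -AutoSize

# The situation from the article: the client side refuses TLS 1.0,
# so the SQL Server has to offer TLS 1.1 or TLS 1.2.
$tls10Client = $report | Where-Object { $_.Protocol -eq 'TLS 1.0' -and $_.Role -eq 'Client' }
if ($tls10Client.State -eq 'Disabled') {
    Write-Warning 'TLS 1.0 is disabled for outbound connections; the SQL Server must accept TLS 1.1 or TLS 1.2.'
}
```

The registry only shows what the operating system allows; whether the SQL Server build itself supports TLS 1.1/1.2 still has to be checked against its patch level.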
Cross reference:
https://community.spiceworks.com/topic/860418-problem-with-ms-sql-after-disabling-ssl-3-0-and-tls-1-0
http://www.admin-enclave.com/en/articles/windows/151-enable-tls-1-1-1-2-on-windows-7-2008-r2.html