Venus 1500 gets stuck on "Nucleus Service Loading" screen when launched. - TLS & SSL 1.0/1.1 disabled

Potential Symptoms

  • When launching Venus 1500, the splash screen gets stuck on "Nucleus Service Loading" and does not progress.
    • Error window may appear when launching Venus 1500.  "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is configured to allow remote connections. error: 26 - error locating server."error launching venus KB.png
  • SQL error is present on start up: Windows could not start the SQL Server (NUCLEUS) on Local Computer. For more information, review the System Event Log.
  • Nucleus Error logs show:
    • Title: Error during setup of users and roles.
      Message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
  • System logs show:
    • The SQL Server (NUCLEUS) service terminated with the following service-specific error:
      The group or resource is not in the correct state to perform the requested operation.
    • A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
  • Can close Venus 1500 application without any hang ups and services are running correctly.
  • Nucleus error log shows:
    Title: Error during setup of users and roles.
    Message: The underlying connection was closed: An unexpected error occurred on a send. (may also say receive)
    Exception: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send.
  • "at" locations under Exception body mention System.Net.Security.sslstate or System.Net.Tlsstream.ExecutionContext (See picture)
  • When attempting to start SQL service manually: Windows could not start the SQL server on local computer
    SQL server terminated: group or resource is not tin the correct state to perform the requested operation
  • Error when attempting to run repair on Venus 1500: A Network-related or instance-specific error occurred while establishing a connection to SQL server.
  • On older versions of Venus 1500 that do not utilize Fusion, the error may manifest as a user name/password prompt.
    • When checking services, the SQL Server (Nucleus) service will not be running. Manually starting the service will result in a SQL error code of -2146493007.
    • The Nucleus log will not have any of the errors shown above.
  • Receive error "The caller was not authorized by the service."
  • Receive the following error when opening Content Studio from Venus v4.22.3 - "SOAP security negotiation failed. See inner exception for more details."
  • Possible to see this error and tls/ssl do not exist in the registry:
    • ​​​​​​​Exception: System.TypeInitializationException: The type initializer for 'Daktronics.Nucleus.Operations.ScriptManager' threw an exception ---> System.InvalidOperationException: The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly

Environment

  • Product:
  • Component: SQL 2008, SQL 2014 SP2, TLS & SSL registry settings
  • Control System: Venus 1500 V4.22

    Cause

    • TLS & SSL 1.0/1.1 are disabled in Registry.

    Resolution

    NOTE: Prior to going through the Registry steps listed, verify the Daktronics Fusion and Daktronics Nucleus certificates are in place. Follow the articles below:

    Daktronics Fusion Certificate - When launching Venus 1500 the Fusion service not loading, and when manually starting the Fusion service started and then stopped or when manually installing Fusion receiving a 1920 error. DD2535149
    Daktronics Nucleus Certificate - Nucleus error log shows 'The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.' but not showing up in Fusion Event log, Corrupt Nucleus certificate. DD2605323


    Registry disclaimer
    Important
    : This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

    1. Open "REGEDIT" and first **Backup the registry** How to back up restore registry in Windows.
    2. Then, in the registry directory, Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
    3. Look for any folders in \Protocols labeled TLS 1.0, TLS 1.1, SSL 1.0, and SSL 1.1.
    4. Under each folder, there should be 2 subfolders labeled Server and Client.
    5. In each \Server and \Client folder there should be a registry labeled Enable, double click and change the value data 0 to 1.
      • If there is a registry labeled DisableByDefault in any folder, make sure their values are set to 0.
    6. Restart computer and reload Venus 1500.

    NOTE: We have seen issues resolved by enabling all TSL/SSL 1.0, 1.1, 2.0 and 3.0 Client and Server registries at the same time.
    We have also seen instances those folders do not contain a client folder. If this is the case continue by following the process for the Server registry.
    If possible, try to isolate to an individual registry value.
    NOTE: Venus V4 needs TLS 1.0 and 1.1 enabled. TLS 1.2 can be enabled as well without issues but can't replace 1.0 and 1.1.

    • If unable to enable the TLS feature as noted above due to network restrictions a standalone computer off the network can be utilized. This would would require a direct connection from the communication equipment/display to the computer.

    KB ID: DD3665770


    DISCLAIMER: Use of this content may void the equipment warranty, please read the disclaimer prior to performing any service of the equipment.

    DAKTRONICS DOES NOT PROMISE THAT THE CONTENT PROVIDED HEREIN IS ERROR-FREE OR THAT ANY DEFECTS WILL BE CORRECTED, OR THAT YOUR USE OF THE CONTENT WILL PROVIDE SPECIFIC RESULTS. THE CONTENT IS DELIVERED ON AN "AS-IS" AND "AS-AVAILABLE" BASIS. ALL INFORMATION PROVIDED IN THIS ARTICLE IS SUBJECT TO CHANGE WITHOUT NOTICE. DAKTRONICS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. DAKTRONICS DISCLAIMS ANY AND ALL LIABILITY FOR THE ACTS, OMISSIONS AND CONDUCT OF YOU OR ANY THIRD PARTIES IN CONNECTION WITH OR RELATED TO YOUR USE OF THE CONTENT. ADJUSTMENT, REPAIR, OR SERVICE OF THE EQUIPMENT BY ANYONE OTHER THAN DAKTRONICS OR ITS AUTHORIZED REPAIR AGENTS MAY VOID THE EQUIPMENT WARRANTY. YOU ASSUME TOTAL RESPONSIBILITY FOR YOUR USE OF THE CONTENT AND ANY LINKED CONTENT. YOUR SOLE REMEDY AGAINST DAKTRONICS FOR DISSATISFACTION WITH THE CONTENT IS TO STOP USING THE CONTENT. THIS LIMITATION OF RELIEF IS A PART OF THE BARGAIN BETWEEN THE PARTIES.

    The above disclaimer applies to any property damage, equipment failure, liability, infringement, or personal injury claim arising out of or in any way related to your use or application of the content, whether such claim is for breach of contract, tort, negligence or any other cause of action.