just an update on where we are with the pipeline fix, and somethings I found.
It seems that PowerShell was using version 5 by default when 7 is available, it gives another error, although a “better” one.
Essentially running Quick check of TLS 1.2 compatibility throws an error. It had something to do with the cipher suites enabled on the server.
On our server:
TLS_RSA_....
.....
....
In the article:
It is key that on the OS one of the four TLS 1.2 cipher suites below is enabled:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (*)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (*)
And it doesn’t seem like they are there ( I checked using Get-TlsCipherSuite).
Running this in in powershell 7 give the following issue:
run: (Invoke-WebRequest -Uri status.dev.azure.com -UseBasicParsing).StatusDescription
Result: Invoke-WebRequest: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
So according to the guy: You have the problem if the above fails with “The underlying connection was closed: An unexpected error occurred on a send.”
the fix to add those The sys admin followed these steps:
Using Group Policy
Open the Group Policy Management Console.
Navigate to Computer Configuration > Administrative Templates > Network > SSL Configuration Settings.
Double-click SSL Cipher Suite Order and click the Enabled option.
Right-click the SSL Cipher Suites box and select Select all from the pop-up menu.
Right-click the selected text and select Copy from the pop-up menu.
Paste the text into a text editor such as Notepad and update it with the new cipher suite order list.
Replace the list in the SSL Cipher Suites box with the updated ordered list.
Click OK or Apply.
Changes will take effect after a restart. If you need more detailed information, you can find it here.
Thanks for all the help