SQL SERVER – Setup Rule: Microsoft .NET Application Security. The computer cannot access the Internet

There are many rules in SQL Server setup which are checked to make sure that the user is not seeing failure at the end of the installation. Most of the rules are generally passed, but few of them are known to generate warnings. One of such rule is Microsoft .NET Application Security which can be seen below.

If we click on a hyperlink, we would see below.

Here is the text of the message.

“The computer cannot access the Internet. There might be delays in starting a .NET application like Management Studio. If navigate to http://crl.microsoft.com/pki/crl/products/MicrosoftRootAuthority.crl and are prompted to download the MicrosoftRootAuthority.crl file you should not have .NET security validation issues. It is not necessary to download the MicrosoftRootAuthority.crl file.”

In my case, the machine, on which I was installing SQL Server, was not having a connection to the internet, so I was getting the warning.

WORKAROUND / SOLUTION

As explained in the warning message, if we have SSMS installed on this machine, we might see slowness in opening it. While I don’t know how to bypass the warning, but I do know trick to launch SSMS faster.

Based on my limited knowledge of .NET, the reason why it is slow is because .Net Runtime tries to contact crl.microsoft.com to ensure that the certificate validity. If then there is no direct route out to the internet to crl.microsoft.com to validate the certificate(s) and it eventually times out after 30 to 45 seconds.

To bypass above, we can make changes to the HOSTS file. By this we can force the certificate checks to crl.microsoft.com to route to the local host which immediately fails and the certificate checks are ignored. Here are the steps

  1. Press the keys [Win] + [R]
  2. Enter the following..

notepad %systemroot%\system32\drivers\etc\hosts

  1. Append the following..

127.0.0.1    crl.microsoft.com

  1. Save the file.

This will not bypass the warning, but an issue which might be caused in the future would be resolved.

Reference: Pinal Dave (https://blog.sqlauthority.com)

Exit mobile version