Epicor BAQ OData connection errors (Excel)

Today I started receiving this error message on all of my OData connections in Excel.
The Rest calls still work when I enter them into the browser, swagger page and postman.
I’m not sure why the OData is giving me trouble.

We couldn't get data from the Data Model, Here's the error message we got:

The Underlying connection was closed: An unexpected error occurred on a send. 
Authentication failed because the remote party has closed the transport stream. 

image

Could this be related the SSL certificate being outdated?

See my post about OData and SSIS task. I suspect you need to do something similiar to what I did to fix my SSIS task.My guess is you are in the Epicor Public cloud as well?

How I fixed my Win 10 box:

  1. Enforce TLS 1.2 on your machine through registry settings. In an elevated command prompt run the following commands:
  • reg add HKLM\SOFTWARE\Microsoft.NETFramework\v4.0.30319 /v SchUseStrongCrypto /t REG_DWORD /d 1 /reg:64
  • reg add HKLM\SOFTWARE\Microsoft.NETFramework\v4.0.30319 /v SchUseStrongCrypto /t REG_DWORD /d 1 /reg:32

This is per here (buried in some bad HTML formatting) https://www.xszz.org/faq-6/question-2019082815664.html

YMMV, back up your registry first, etc. etc. do your own DD but this worked for me.

guruzim -
Thanks for the feedback. I’ll work to see if this fix works for us.
Also, we are public cloud and this issue is happening to every user. I’m not sure if this is a machine specific issue.

It was a TLS 1.2 security change implemented on the Public Cloud this weekend during the upgrade that was the change that caused my issue. The fix has been workstation by workstation for me so far. I started yesterday and got remaining windows 7 machines fixed and today got the SSIS fixed on the Win 10 box.

This is the message from the Cloud Team yesterday:

A resolution is available for the subset of Epicor ERP Cloud users running Microsoft Windows 7 and Windows 2008/2012 servers who are experiencing system issues, which were caused by recent critical updates that were applied to the Epicor ERP Cloud servers. If this is impacting you, follow the instructions below to resolve.

However , please be aware that there may be further action required on your part. Microsoft has announced Windows 7 support will end on January 14, 2020. After this date, Epicor cannot guarantee future resolutions to issues on these operating systems. It is important that you plan to migrate from these older operating systems to supported models, in order to ensure the security and integrity of not just Epicor ERP Cloud, but all of your business systems.

Instructions

  1. Ensure you backup your registry prior to changes/Epicor recommends this be done by an IT professional if available else ensure you take precautions when changing your registry. These changes have been tested by multiple customers and internal resources and resolves the issue. Open regedit on the computer where smart client is installed.
  2. Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
  3. Add New Key “TLS 1.2” under Protocols.
  4. Add New Key “Client” under “TLS 1.2”.
  5. Add New Key “Server” under “TLS 1.2”.
  6. Add new DWORD “DisabledByDefault” Value under “Client”. Set Value = 0.
  7. Add new DWORD “DisabledByDefault” Value under “Server”. Set Value = 0.
  8. Add new DWORD “Enabled” Value under “Client”. Set Value = 1.
  9. Add new DWORD “Enabled” Value under “Server”. Set Value = 1.
  10. Reboot your Smart Client computer
1 Like

Mark -

I followed the step that you provided and it didn’t resolve the issue. I’m still getting the same error message when trying to run an OData REST call from Excel.


Also, I’m running windows 10 on my machine. I don’t know if that changes to solution.

I applied the fix that you referenced in you initial comment and I’m still not able to run the OData REST call in Excel.
Also, my PC is running Windows 10.

Yeah, that was for my Windows 7 folks (who won’t be for long…). Are you a cloud user?

Yes, we are on the cloud

We are too. I have no issues with REST v1. Are you using v2? Do you use Azure AD for authentication?

I’m using V1

-Steven Hutcheson

This was the fix for me on my Windows 10 PC.

Instructions -

Need to add the “SchUseStrongCrypto” registry key (for 64-bit branch) on the client machine.

It forces the client workstation to use TLS 1.2 for the handshake.

• Click on Start, then Run on the Windows workstation,

type in “regedit” to launch the registry editor (Or Start, then type in “regedit” in the windows search)

• Navigate to the following Key on the tree in the left-hand pane: HKEY_LOCAL_MACHINE\SOFTWARE[Wow6432Node]\Microsoft.NETFramework\v4.0.30319

• With the “v4.0.30319” key selected in the tree, right click in the white space on the right pane, select “NEW”, then click “DWORD (32-bit) Value”

• For the Name value, enter “SchUseStrongCrypto”

• Right-click on the newly created value, select “Modify”

• In the Value Data field, enter “1”, Click OK

• Reboot the workstation

2 Likes

I think those are the same two keys I gave the instructions for above earlier in the thread, aren’t they?

//edit: I see the issue. I didn’t say to reboot afterwards.

//edit2:Nope, I see the difference now. Yours are 64 bit apps mine was 32 bit. So, depending, you might need the keys i posted for older connection types (like what my SSIS was using) or yours for a more modern Excel than i have installed. Got it now :slight_smile:

I think you’re right. There is going to be a difference in 64 bit vs 32 bit.