Action Required: Update Microsoft SQL Server Security Settings Before February 2026

Dear Users,

We recently deployed security updates in Zoho Analytics that inadvertently caused connection failures for a few customers using Microsoft (MS) SQL Server hosted on older Windows versions (Windows Server 2012, 2012 R2, and 2014).

To restore connectivity, we have temporarily reverted these updates. However, these security changes are mandatory for long-term protection and compliance, and they will be permanently enforced by the end of February 2026.

If you are using MS SQL Server on the affected Windows versions, action is required to ensure uninterrupted connectivity once the security standards are re-applied.

Who Is Affected

This applies only to customers who:

• Use MS SQL Server as a data source in Zoho Analytics, and
• Host MS SQL Server on:
• Windows Server 2012
• Windows Server 2012 R2
• Windows Server 2014

If you are not using these operating systems, no action is required.

Note: This update applies only to SQL Server Cloud DB imports.
It does not affect local database imports configured using Zoho Databridge.

Issue Description

When modern security standards are enforced, applications connecting to MS SQL Server hosted on older Operating Systems (Windows Server 2012 / 2012 R2 / 2014) will fail with the following error:

"encrypt" property is set to "false" and "trustServerCertificate" property is set to "true" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: SQL Server did not return a response.

Root Cause

1. Upcoming Security Standard:
   Modern security protocols require Forward Secrecy. Legacy TLS_RSA cipher suites are being deprecated industry-wide.
2. OS Limitation:
   Older Windows Servers rely on these deprecated ciphers by default. They do not offer modern Elliptic Curve (ECDHE) ciphers unless explicitly configured.
3. The Impact:
   Without the configuration below, your database will reject secure connections once we re-enable the security update.

Required Configuration: Enabling Modern Cipher Suites

To maintain connectivity, you must configure your Windows Server to support modern cipher suites.

If this configuration is not feasible in your environment, upgrading the Windows Server to a newer supported version is an alternative option, as modern operating systems include these security protocols by default.

To prepare your server, you must add the following modern cipher suites to the TOP of your Windows Server's configuration.

Implementation Methods

You can use one of the following methods.

Option A: GUI Method (Recommended)

Step 1: Download the Tool

Download IIS Crypto (GUI) from Nartac Software.

Note: This is a portable utility and does not require installation.

Step 2: Launch the Tool

• Copy IISCrypto.exe to the database server.
• Right-click the executable and select Run as Administrator.

Step 3: Configure TLS Protocols

• Open the Schannel tab.
• Ensure TLS 1.2 is enabled (checked).
• Verify that deprecated protocols (SSL, TLS 1.0, TLS 1.1) remain disabled in accordance with security policy.
  
  
  

Step 4: Prioritize Cipher Suites

• Navigate to the Cipher Suites list in the left-hand panel.
• Identify the following ECDHE cipher suites:
• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384
• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
• Use the Up Arrow control to move these ECDHE cipher suites to the top of the list to ensure they are prioritized during TLS negotiation.
• Ensure that older TLS_RSA_* cipher suites remain enabled only for backward compatibility and are positioned below the ECDHE cipher suites with the lowest priority.

Step 5: Apply Configuration

• Click Apply to save the changes.

Step 6: Reboot

• Restart the Windows Server to ensure the changes take effect.
  

Option B: Group Policy Method (Native Windows)

Step 1: Open Group Policy Editor

• Press Win + R, type gpedit.msc, and press Enter.

Step 2: Navigate to SSL Configuration Settings

Go to: Computer Configuration→ Administrative Templates→ Network→ SSL Configuration Settings

Step 3: Edit Cipher Suite Order

• Double-click SSL Cipher Suite Order.
• Select Enabled.

Step 4: Prepend Secure Cipher Suites (Critical Step)

• Locate the SSL Cipher Suites text box.
• Do not delete the existing cipher list, as this may impact legacy application compatibility.
• Place the cursor at the very beginning (far left) of the text box.
• Paste the following cipher list before the existing entries:
  
  

  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,
• Ensure there is a comma separating the newly added cipher block from the existing cipher list.

Step 5: Apply Configuration

Click OK to save the policy changes.

Step 6: Reboot

Restart the Windows Server for the Group Policy changes to take effect.

Verification: How to Install & Run Nmap

To confirm the server is ready for the future update, use the network scanning tool Nmap.

Step 1: Install Nmap

For Windows Users:

1. Download the Latest Stable Installer (.exe) from the Official Nmap Download Page.
2. Run the installer.
3. Critical Step: During installation, check the box for Install Npcap. This driver is required for the scan to work.
4. Finish the installation.

For Linux Users:

• Ubuntu/Debian: Run "sudo apt-get install nmap -y"
• RHEL/CentOS: Run "sudo yum install nmap -y"

Step 2: Run the Scan

Open your Command Prompt (Windows) or Terminal (Linux) and run:

nmap --script ssl-enum-ciphers -p 1433 <YOUR_DB_IP_ADDRESS>

(Replace 1433 with your specific SQL port if different).

Step 3: Interpret Results

• Look for the TLSv1.2 section in the output. Ensure TLS_ECDHE_... cipher suites appear at the top of the cipher list with Grade A.
• TLS_RSA_... cipher suites must not be removed, but should be kept only as fallback and configured with the lowest priority to avoid regression after re-applying the update.

Example of Successful Output:

What Happens If You Skip This Configuration?

If modern ciphers are not enabled before the security update is permanently enforced:

• Scheduled syncs will fail.
• You won't be able to add or manage existing connections/sources/tables.

Enforcement Timeline

These security standards will be permanently enforced by the end of February 2026.

Servers that do not meet the required cipher configuration will experience connection failures once enforcement begins.

Need Assistance?

If you need help with the configuration, contact us at support@zohoanalytics.com.

To help us resolve your issue faster, include the following details in your email:

• Windows Server version
• SQL Server version
• SQL port number
• Nmap scan output (if available)
• Screenshot of your cipher configuration (if applicable)

Providing this information upfront will help us diagnose and assist you more efficiently.

• Topic Participants

• Pradeepkumar R

  

• Sticky Posts

• What's New in Zoho Analytics - February 2026

  Hello Users! We're back with another round of updates for Zoho Analytics. This month's release focuses on giving you greater flexibility in how you visualize, manage, and act on your data - with new features like custom visualizations, remote MCP server,

• What's New in Zoho Analytics - January 2026

  Hello Users! We are starting the year with a strong lineup of updates, marking the beginning of many improvements planned to enhance your analytics experience. Explore the latest improvements built to boost performance, simplify analysis, and help you

• What's New in Zoho Analytics - November 2025

  We're thrilled to announce a significant update focused on expanding your data connectivity, enhancing visualization capabilities, and delivering a more powerful, intuitive, and performant analytics experience. Here’s a look at what’s new. Explore What's

• What's New in Zoho Analytics - October 2025

  Hello Users! We're are back with a fresh set of updates and enhancements to make data analysis faster and more insightful. Take a quick look at what’s new and see how these updates can power up your reports and dashboards. Explore What's New! Extreme

• What’s New in Zoho Analytics – September 2025

  Hello Users!! In this month’s update, we’re raising the bar across multiple touchpoints, from how you bring in data, plan and track projects to how you design and brand your dashboards. We’ve added the all-new Gantt chart for project visualization, expanded

• Recent Topics

• Ask the Experts 27: Onboarding and managing support reps

  Hello everyone, We are back with our Ask the Experts (ATE) series for 2026. This year, we bring experts to help you address customer support challenges using Zoho Desk. For our first ATE, we are getting into the human side of customer support. "Every

• Assign Meeting in records

  It would be nice to be able to "call and assing" meetings from a record, for example from a Deal. Right now - calendar is synced with CRM - meetings show in calendar - you can go in each meeting and assign it to a record It would be nice to be able to

• You have reached the maximum limit of bank accounts that can be connected to Zoho Books through token.

  I can no longer connect to my bank account to download transactions into Zoho Books. I egt the error message: "You have reached the maximum limit of bank accounts that can be connected to Zoho Books through token. To connect more accounts, write to us

• Sincronizar eventos de Bigin en Zoho Calendar (Zoho Mail)

  Hola Me gustaría poder sincronizar mi Calendario de Zoho (Mail) con los eventos de Bigin. No veo la opción disponible.

• Sales Receipts in UK Free tier

  Is Sales Receipts available in UK Books, specifically at the Free tier? None of the options from the help pages are available to me.

• Duplicate Leads Concerns with Round Robin and Lead Approval Process

  It is great to have the Duplicate Lead Approval Process, there are a few issues with the process that I would greatly appreciate taken consideration in enhancing. It appears that A Lead comes in Lead owner assigned by the Round Robin Check for Duplicate,

• My client requires me to have custom pdf file names to except payment for invoices, how can I customize this before emailing.

  Hello! I love the program so far but there are a few things that are standing in the way. I hope you guys can code them in so I can keep the program for years to come. My client requires I customize the pdf file names I send in for billing. Can you please

• How to see Statement Details Shown in Unclassified Transactions in All Transactions?

  All, The list of Unclassified Transactions show the Statement Details and Descriptions. What is the method to see that column in the All Transactions list? -Thanks!

• When I schedule calendar appointments in zoho and invite external emails, they do not receive invites

  Hello, We have recently transitioned to zoho and are having a problem with the calendar feature. When we schedule new calendar appointments in zoho the invite emails aren't being sent to the external users that we list in participants. However, this works

• Migrate different zoho subscription to zoho one

  Dear We have different zoho subscription we need to migrate it to zoho one. Currently we are paying for zoho email, zoho expense, zoho payroll etc under different admin We need to move it too zoho one flexlible plan for all my employees

• Bigin use in hospital- Human Med or Veterinary

  I am looking for users who are in either human or veterinary medicine and use the CRM specifically for referral management tasks. Are you using the basic version? How many users update the CRM and is it effective? Did you pay for additional customizations?

• Questions Regarding Helpdesk & SalesIQ Customization and Email Setup

  Hello, I hope you’re doing well. I have a few questions regarding Helpdesk and SalesIQ: Can the emails sent to customers via helpdesk tickets be fully customized — including signature, subject line, and other elements? Also, is it possible to send these

• Internal Fillable Contract with Zoho Writer (Before Sending to Client)

  Hi everyone, I’m trying to automate the following process in Zoho CRM and would appreciate some guidance. Process: When a Deal moves to a specific stage, CRM triggers an automation. CRM sends a contract template to an internal team member so they can

• How to sync overtime from zoho people to zoho payroll

  Hi everyone, I’m currently setting up Zoho People with Zoho Payroll. While configuring the sync, I noticed I can only fetch Employee Profiles, LOP (Loss of Pay), and enable the Employee Portal. I can’t seem to find a way to automatically pull Overtime

• Standardize email communication with Signature Template

  Maintaining a consistent and professional signature across all outgoing emails is essential for any organization. However, when users manage their signatures individually, it often leads to inconsistencies like varying formats, missing designations, or

• CRM x WorkDrive: File storage for new CRM signups is now powered by WorkDrive

  Availability Editions: All DCs: All Release plan: Released for new signups in all DCs. It will be enabled for existing users in a phased manner in the upcoming months. Help documentation: Documents in Zoho CRM Manage folders in Documents tab Manage files

• How can I export all Deluge code across the application?

  I’m working on a application with multiple forms, reports, and HTML views, where Deluge scripts are used across workflows, field actions, and custom functions. Is there a way to export all Deluge scripts into a single file for easier search?

• Zoho Books: tax is not automatically pulled from product-data anymore - why?

  Hi, until a short time ago, you could set a default taxrate for each product/item. This taxrate automatically appeared each time the item was chosen in an invoice or quote. Why does this not work anymore? The field is still there at the product record,

• Setting up property management in Zoho Books

  Hi, I run a property management business that manages property complexes. There are multiple owners, some owning more than one property on the same complex. My role is to manage the fees they pay for maintenance of common areas, such as the swimming pool

• Sync Attachments in Comments from Zoho Desk to Zoho Projects

  Hello Zoho Desk Team, We hope you're doing well. We are actively using the Zoho Desk–Zoho Projects integration, especially for reporting and managing bugs/issues between support and development teams. Current Limitation: After creating a bugs/issues via

• Zoho Creator to GMAIL API Setup - Where Do I Begin?

  Does anyone know how to connect Zoho Creator to Google Workspace (Specifically GMAIL?) We have FLOW setup and working fine to send emails via GMAIL, but Flow doesn't accept file attachments which is a major problem. So, we need to be able to send an email

• Kiosk Page Refresh

  We have a Kiosk running from a button in contacts to update values and also add related lists, which works great, but when the kiosk is finished the page does not refresh to show the changes. Is there a way to force the contact to refresh/update when

• How to call Functions and perform Write Operations using Page Scripts?

  Hi everyone, How to call a function from a Zoho Creator application within a Page Script, also how to perform write operations (adding or updating records) using page scripts?

• All new Address Field in Zoho CRM: maintain structured and accurate address inputs

  Availability Update: 29 September 2025: It's currently available for all new sign-ups and for existing Zoho CRM orgs which are in the Professional edition exclusively for IN DC users. 2 March 2026: Available to users in all DCs except US and EU DC. 24

• Setting GC session variable programatically in a website

  Hi! Is there a way now to programatically set session variables from a website for a Guided Conversations? The current available methods are dependent on react-native.

• Ticket Merge Error

• sync two zoho crm

  Hello everyone. Is it possible to sync 2 zoho crm? what would be the easiest way? I am thinking of Flow. I have a Custom Module that I would like to share with my client. We both use zoho crm. Regards.

• Introducing Rollup summary in Zoho CRM

  ------------------------------------------Moderated on 5th July'23---------------------------------------------- Rollup summary is now available for all organizations in all the DCs. Hello All, We hope you're well! We're here with an exciting update that

• Refresh frequency

  Dear Zoho Team, I really, truly appreciate that Zoho Books gets frequent updates. As a matter of fact this is how a good SaaS company should stay on top. However, I feel that I have to hit refresh almost every day. This was exciting at the beginning but

• Update application by uploading an updated DS file

  Is it possible? I have been working with AI on my desktop improving my application, and I have to keep copy pasting stuff... Would it be possible to import the DS file on top of an existing application to update the app accordingly?

• Two-factor authentication (2FA) Log-in Problems

  The Two-factor authentication (2FA) Login on my passwords doesn't match , so it wont accept login I'm down to my last backup code.

• Re: Application Architecture in Zoho Creator — A Platform-Specific Deep Dive

  A recent community post on application architecture made some excellent points about planning architecture early in Zoho Creator projects. The core message is right — Creator applications have a habit of growing organically into maintenance nightmares,

• Remove my video

  Hi, How can I remove my video so that I don't have to see myself. It's weird so I always remove my own video from what I see but cannot find this feature here. Thanks!

• Client Script: Any plans to add support for multi-select field with onChange

  Client Script is fantastic and the documentation lists multiselect form fields as unsupported. Just wondering if there are any plans to make this a supported field. https://www.zoho.com/crm/developer/docs/client-script/client-script-events.html 2. Field

• Zoho Campaigns API endpoint for contact details

  there is some REST API support for Zoho Campaigns, however, I am not able to find an endpoint for "get contact details".  in particular, I'd like to access contact's subscription status and also their topic. ideally there is all profile available including

• Feature Reqeust - Include MPN In Selectable FIelds

  I have noticed that the MPN is not available to show in the list view of Items. Please consider adding it as EAN, UPC and ISBN are all available, so it doesn't make much sense to exclude this similar option. Thanks for considering my feedback.

• Experience effortless record management in CRM For Everyone with the all-new Grid View!

  Hello Everyone, Hope you are well! As part of our ongoing series of feature announcements for Zoho CRM For Everyone, we’re excited to bring you another type of module view : Grid View. In addition to Kanban view, List view, Canvas view, Chart view and

• Windows Desktop Application for Bigin

  I'm finding the need for a standalone Bigin desktop app for Windows users. Most of my daily work is done through a browser, so I often have several open tabs while working with customers and checking product information, etc. With Bigin currently only

• Incoming email replies not automatically associating with Deals/Opportunities - Is this possible in Zoho CRM?

  Hello Zoho Community, I'm running a travel agency (B2B and B2C) and we've been struggling with what seems like a basic functionality that we cannot get to work properly. Our use case: We send emails to suppliers (hotels, transportation companies) and

• Set another Layout as Standard

  We created a few layouts and we want to set another one to standard:

• Next Page