Avatar of typetoit
typetoit
 asked on

Why would adding TLS to a database server cause the local security authority process to run really high

I have two servers behind a firewall on a local network.  I have a Windows 2008 database server that I added the TLS 1.0 Protocol under the Schannel registry key.  Then the local security authority process (lsass) on both the Windows 2012 web server and the Windows 2008 database server starts to run high.  Some times the lsass is running at 60% of the CPU.  The average can be 15-20% during the day when there is web activity.  I have added Client keys to TLS 1.0, TLS 1.1, and TLS 1.2 and added DisabledByDefault = 1, forcing the web server to connect to the database server through SSL 3.0.  I have enabled the same ciphers on the database server as the web server.  Nothing seems to work.  I am not sure where to go from here.
Networking ProtocolsWindows NetworkingNetwork Management

Avatar of undefined
Last Comment
typetoit

8/22/2022 - Mon
asavener

Is this a physical or a virtual machine?

If it's virtual, check that it's actually using a large amount of CPU by checking the performance counters on the host.

CPU measurements inside of a VM are often not accurate, because an accurate measurement depends on being able to see the idle CPU cycles.  Since a VM is only offered CPU cycles when there's a demand, there are fewer (or even zero) idle CPU cycles.
ASKER CERTIFIED SOLUTION
typetoit

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
typetoit

ASKER
I worked out the solution for myself.  I thought I would share the solution with the community.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck