(Republishing, or using this info in a commercial product/website, is prohibited without permission. All other uses are permitted. If in doubt, please ask.)
Description:
This wait type is a generic wait for when a thread is calling one of several Windows functions related to cryptography.
(Books Online description: N/A)
Questions/comments on this wait type? Click here to send Paul an email, especially if you have any information to add to this topic.
Added in SQL Server version:
2008
Removed in SQL Server version:
N/A
Extended Events wait_type value:
The map_key value in sys.dm_xe_map_values is 420 in 2008 and 2008 R2, 468 in 2012, and 484 in 2014 RTM. After 2014 RTM, you must check the DMV to get the latest value as some map_key values have changed in later builds.
Other information:
If you see long waits for this wait type, have your infrastructure team investigate performance issues with servers that provide cryptographic services to the domain (for instance, the server for an Enterprise Key Management system).
Note that when a thread calls out to Windows, the thread changes from non-preemptive (SQL Server controls the thread) to preemptive (Windows controls the thread) mode. The thread’s state will be listed as RUNNING, as SQL Server doesn’t know what Windows is doing with the thread.
Known occurrences in SQL Server (list number matches call stack list):
- Retrieving an SSL certificate (in this case, while initializing TDS during instance startup)
- Encrypting data using the service master key (in this case, while initiating a login to a linked server)
And other similar call stacks.
Abbreviated call stacks (list number matches known occurrences list):
- SOS_Task::PopWait+b1
SOS_ExternalAutoWait::~SOS_ExternalAutoWait+7c
SOS_Task::AutoSwitchPreemptive::~AutoSwitchPreemptive+5d
CSECFallBackCert::Init+86a
CSECFallBackCert::InitInstance+174
GetFallBackCertContext+10
Ssl::InitializeListener+334
SNIInitializeListener+550
NodeListener::EndpointSet::Initialize+13b
NodeListener::Initialize+4f
SNIStartListening+7e
TDSSNIClient::Init+230
InitializeTDS+61
FRunCommunicationsManager+4e
CommunicationsManager+3c6
SOS_Task::Param::Execute+21e
SOS_Scheduler::RunTask+ab - SOS_Task::PopWait+bc
SOS_Task::AutoSwitchPreemptive::~AutoSwitchPreemptive+72
CSECMachineAccountEncryption::UnProtectData+7e
CSECDPAPIEncryptionMechanism::DecryptUsingDPAPI+136
CSECDPAPIEncryptionMechanism::GetDecryptedSMK+97
CSECServiceMasterKey::Initialize+1de
EncryptByServiceMasterKey+c1
Invoke_LinkedServer_NewLinkedLogin+130
CStmtInvoke::XretExecute+2fa
CXStmtDDL::XretExecute+71
CMsqlExecContext::ExecuteStmts<1,1>+352
CMsqlExecContext::FExecute+878
CSQLSource::Execute+7d3