event id 36887 schannel fatal error 40
be down. Please try the request again. Your cache administrator is webmaster. Generated Thu, 13 Oct 2016 19:07:01 GMT by s_ac5 (squid/3.5.20)
Internet Explorer 11 on a Windows 2008 R2 server, I always got a "Page a fatal alert was generated and sent to the remote endpoint server 2012 cannot be displayed" error. I could, though, access that page the following fatal alert was received 70 from another machine or another browser on the same server. Looking in the Event Viewer I
A Fatal Alert Was Received From The Remote Endpoint 36887saw: Log Name: System Source: Schannel Date: 05.01.2015 12:11:58 Event ID: 36887 Task Category: None Level: Error Keywords: User: SYSTEM Description: The following fatal alert was http://answers.microsoft.com/en-us/windows/forum/windows8_1-performance/schannel-event-id-36887-tls-fatal-alert-code-40/63a19616-3197-4545-9e3a-a9e9742cb2fc received: 40. Schannel error 40 means: SSL3_ALERT_HANDSHAKE_FAILURE So I checked with SSL Labs which Ciphers my browser offers: https://www.ssllabs.com/ssltest/viewMyClient.html It looks like it was offering very old ciphers first TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA ... I checked the following Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002 It contained exactly the same old ciphers first! So I looked http://www.basics.net/2015/01/05/windows-schannel-error-40-and-internet-explorer/ at a Windows 7 client that was working and saw that there were the newer and more secure ciphers listed first: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521 ... I copied the Registry entry of the working machine to the server, rebooted the server and - Bingo - I could now access the web page. Post navigation Previous PostESXi 5.5: How to install an update via SSH OfflineNext PostWindows Updates to avoid: Adware to promote Windows 10: KB3035583 Leave a Reply Cancel reply Your email address will not be published. Required fields are marked *Comment Name * Email * Website My experience with servers, networks and gadgets. Blogroll Blackberry Expert Support Center Blackberry Support Forum Dexion Services AG Kerio Connect Forum Recent CommentsAdmin on Blackberry 10: Remove Anti-Theft Protection from DeviceSiju Jacob on Unlocking shared files on Windows 2008 R2 ServerKuzqo on Blackberry 10: Remove Anti-Theft Protection from DeviceLe Munyika on About basics.netLe Munyika on Bl
& Malware White Papers Endpoint Security CybercrimeCyberwarfare Fraud & Identity Theft Phishing Malware Tracking & Law Enforcement Whitepapers Mobile & http://www.securityweek.com/microsoft-warns-issues-recent-schannel-update-patch-away WirelessMobile Security Wireless Security Risk & ComplianceRisk Management Compliance Privacy Whitepapers Security ArchitectureCloud Security Identity & Access Data Protection White Papers Network Security Application Security Management & StrategyRisk Management Security Architecture Disaster Recovery Training & Certification Incident Response SCADA / ICS Home › Network SecurityMicrosoft Warns of Issues With Recent fatal alert SChannel Update, But Patch Away! By Mike Lennon on November 17, 2014 Tweet Last week, Microsoft released 14 security bulletins as part of Patch Tuesday for November 2014. The updates contained four rated as critical, but one has been receiving the most of attention: A vulnerability that affects Windows Secure Channel fatal alert was (SChannel) security package in Windows. While Microsoft released the update (MS14-066) to address the Schannel Remote Code Execution Vulnerability (CVE-2014-6321), the software giant has reported that some users who have applied the patch are having issues, including a fatal TLS error. “We are aware of an issue in certain configurations in which TLS 1.2 is enabled by default, and TLS negotiations may fail,” Microsoft noted in a knowledge base article. “When this problem occurs, TLS 1.2 connections are dropped, processes hang (stop responding), or services become intermittently unresponsive." Microsoft warned that some users may receive an error message that resembles the following in the System log in Event Viewer: Log Name: System Source: Schannel Date: Date and time Event ID: 36887 Task Category: None Level: Error Keywords: User: SYSTEM Computer: ComputerName Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.