Jump to content

Question About Event Id 36871 Schannel


Recommended Posts

When I turn my computer on in the morning and boots up in event viewer I get a fatal error occurred while creating a TLS client credential.  My computer is not on a server it is a home computer.  I seem to be alright connecting to the internet and things.  Just wondering if there is anything to worry about this?   I have looked this stuff up but I don't understand what is it saying.  So I just was wondering if anyone can explain this and if there is a need to worry about this?  Thank you

Link to post
Share on other sites
  • Administrators

Do you have any reason to think that it's ESET related? The thing is ESET uses OpenSSL and not the system Schannel.

Link to post
Share on other sites
  • Administrators

As I wrote, ESET doesn't leverage Schannel so I assume that you would get the error even with ESET uninstalled.

Link to post
Share on other sites

This gist of this error is a mismatch of cypher suites being deployed:

This posting relates to SSL issues but that same can happen in TLS:

Quote
Looking in the Windows Event Log, I found an error from Schannel with Event ID 36871, and the error text "a fatal error occurred while creating an SSL server credential.  The internal error state is 10011."
 
I eventually narrowed this down to the fact that the vendor had turned on FIPS-compliant algorithms.  However, on this system, I had set the allowed cipher suites to "modern" algorithms like ECDHE-RSA-AES256-SHA384, which is not FIPS-compliant but is more secure; i.e. FIPS-compliant algorithms are old and less secure.

https://teridon73.blogspot.com/2018/08/windows-schannel-error-event-id-36871.html

Tracking down the source in your case will take some effort.

Edited by itman
Link to post
Share on other sites

Thank You Itman for all the information. I found this on Microsoft Docs about Schannel. I'm assuming that I don't need to worry about this because it say under user action is to safely ignore this message.

Event ID 36871: A Fatal Error Occurred While Creating An SSL (client or server) Credential

This behavior is caused by the SMTP service processing an incoming EHLO command if no certificate is assigned to an SMTP site. This message is logged twice, once when the SMTP service starts, and once when the first EHLO command is received.

Simple Mail Transfer Protocol (SMTP) controls how email is transported and then delivered across the Internet to the destination server. The SMTP EHLO command enables the server to identify its support for Extended Simple Mail Transfer Protocol (ESMTP) commands.

Details

 
 
Product Windows operating system
ID 36871
Source Schannel
Version 6.0

6.1

6.2
Symbolic Name  
Message Type: Error

A fatal error occurred while creating an SSL server credential.
User action This is an erroneous Event log entry. You can safely ignore this message. To prevent this Event log entry, you must assign a certificate to the SMTP site.
   
   
   
   
   
   
Edited by Purpleroses
Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...