Purpleroses 21 Posted October 31, 2020 Share Posted October 31, 2020 When I turn my computer on in the morning and boots up in event viewer I get a fatal error occurred while creating a TLS client credential. My computer is not on a server it is a home computer. I seem to be alright connecting to the internet and things. Just wondering if there is anything to worry about this? I have looked this stuff up but I don't understand what is it saying. So I just was wondering if anyone can explain this and if there is a need to worry about this? Thank you Link to comment Share on other sites More sharing options...
Administrators Marcos 5,070 Posted October 31, 2020 Administrators Share Posted October 31, 2020 Do you have any reason to think that it's ESET related? The thing is ESET uses OpenSSL and not the system Schannel. Link to comment Share on other sites More sharing options...
Purpleroses 21 Posted October 31, 2020 Author Share Posted October 31, 2020 I was not to sure if is Microsoft issue or an Eset Issue? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,070 Posted October 31, 2020 Administrators Share Posted October 31, 2020 As I wrote, ESET doesn't leverage Schannel so I assume that you would get the error even with ESET uninstalled. Link to comment Share on other sites More sharing options...
itman 1,659 Posted October 31, 2020 Share Posted October 31, 2020 (edited) This gist of this error is a mismatch of cypher suites being deployed: This posting relates to SSL issues but that same can happen in TLS: Quote Looking in the Windows Event Log, I found an error from Schannel with Event ID 36871, and the error text "a fatal error occurred while creating an SSL server credential. The internal error state is 10011." I eventually narrowed this down to the fact that the vendor had turned on FIPS-compliant algorithms. However, on this system, I had set the allowed cipher suites to "modern" algorithms like ECDHE-RSA-AES256-SHA384, which is not FIPS-compliant but is more secure; i.e. FIPS-compliant algorithms are old and less secure. https://teridon73.blogspot.com/2018/08/windows-schannel-error-event-id-36871.html Tracking down the source in your case will take some effort. Edited October 31, 2020 by itman Link to comment Share on other sites More sharing options...
itman 1,659 Posted October 31, 2020 Share Posted October 31, 2020 (edited) Now this article: https://kb.eventtracker.com/evtpass/evtPages/EventId_36871_Schannel_45297.asp is fairly specific in stating it is SSL SMTP; i.e. e-mail, related. SMTP is used by most e-mail providers to receive e-mail. Edited October 31, 2020 by itman Link to comment Share on other sites More sharing options...
Purpleroses 21 Posted October 31, 2020 Author Share Posted October 31, 2020 (edited) Thank You Itman for all the information. I found this on Microsoft Docs about Schannel. I'm assuming that I don't need to worry about this because it say under user action is to safely ignore this message. Event ID 36871: A Fatal Error Occurred While Creating An SSL (client or server) Credential This behavior is caused by the SMTP service processing an incoming EHLO command if no certificate is assigned to an SMTP site. This message is logged twice, once when the SMTP service starts, and once when the first EHLO command is received. Simple Mail Transfer Protocol (SMTP) controls how email is transported and then delivered across the Internet to the destination server. The SMTP EHLO command enables the server to identify its support for Extended Simple Mail Transfer Protocol (ESMTP) commands. Details Product Windows operating system ID 36871 Source Schannel Version 6.0 6.1 6.2 Symbolic Name Message Type: Error A fatal error occurred while creating an SSL server credential. User action This is an erroneous Event log entry. You can safely ignore this message. To prevent this Event log entry, you must assign a certificate to the SMTP site. Edited October 31, 2020 by Purpleroses Link to comment Share on other sites More sharing options...
Recommended Posts