Skip to main content

Consistent Schannel Errors on Windows Logs


Event ID 36882: The Certificate Received From the Remote Server Was Issued By an Untrusted Certificate Authority.

Because authentication relies on digital certificates, certification authorities (CAs) such as Verisign or Active Directory Certificate Services are an important part of TLS/SSL. A CA is a mutually-trusted third party that confirms the identity of a certificate requestor (usually a user or computer), and then issues the requestor a certificate. The certificate binds the requestor’s identity to a public key. CAs also renew and revoke certificates as necessary. For example, if a client is presented with a server’s certificate, the client computer might try to match the server’s CA against the client’s list of trusted CAs. If the issuing CA is trusted, the client will verify that the certificate is authentic and has not been tampered with.

The Schannel provider creates the list of trusted certification authorities by searching the Trusted Root Certification Authorities store on the local computer. When Schannel detects a certificate that was issued by an untrusted certification authority, this error is logged.

The issue could be due to improper import of SSL CA.

Resolution : Re-import the certificate and monitor further.

 Fatal Error codes and description at : Error codes and descriptions
Labels:

Comments

Post a Comment

Popular posts from this blog

Active Directory in Windows

                                                                Active Directory in Windows  When a windows server is bought it comes with many capabilities like AD groups for security, IIS(Internet Information Services), ability to built own VPN and many more of which Active directories are created with a domain and the computers which access the network will be connecting to the domain controllers. Practically, there will be a cluster of domain controllers where data will be replicated all over the cluster.
Post a Comment
Read more

Internet.org

                                                        Internet.org Internet.org is a non-profitable oraganisation founded by facebook and six other companies to bring affordable access to internet services to less developed countries by increasing efficiency, and facilitating the development of new business models around the provision of Internet access. It has been criticized for violating net neutrality and favouring facebook's own services. An Indian journalist criticized it as" being just a Facebook proxy targeting India's poor" as it provides restricted Internet access to Reliance Telecom's subscribers in India.However, in early May 2015, Facebook announced that this platform would be opened to websites that met its criteria.           ...
Post a Comment
Read more