locked
A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49. RRS feed

  • Question

  • RDS 2012
    Remote app server 2012 - approx. 20 clients - get these errors in event viewer repeatedly. Some users report they must restart PC after returning from being away in order for remote app to allow them to reconnect.

    How could I get rid of these event viewer errors?


    RDS Log File

    Log Name:      Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational

    Source:        Microsoft-Windows-RemoteDesktopServices-RdpCoreTS

    Date:          3/3/2015 7:47:51 PM

    Event ID:      97

    Task Category: RemoteFX module

    Level:         Warning

    Keywords:     

    User:          NETWORK SERVICE

    Computer:      REMOTE1.XXX.local

    Description:

    The RDP protocol component X.224 detected an error (0) in the protocol stream and the client was disconnected.

     

    System Log Error

    Log Name:      System

    Source:        Schannel

    Date:          3/4/2015 10:42:02 AM

    Event ID:      36887

    Task Category: None

    Level:         Error

    Keywords:     

    User:          SYSTEM

    Computer:      REMOTE1.XXX.Local

    Description:

    A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.


    Monday, March 9, 2015 4:10 PM

Answers

All replies

  • Hi,

    You can check this following article for information.
    SSL/TLS Alert Protocol & the Alert Codesv
    http://blogs.msdn.com/b/kaushal/archive/2012/10/06/ssl-tls-alert-protocol-amp-the-alert-codes.aspx

    http://blogs.msdn.com/b/scstr/archive/2012/02/29/how-to-troubleshoot-the-terminal-server-security-layer-detected-an-error-in-the-protocol-stream-and-has-disconnected-the-client-client-ip-and-the-rdp-protocol-component-x-224-detected-an-error-in-the-protocol-stream-and-has-d.aspx

    Hope it helps!

    Thanks.

    Dharmesh Solanki

    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Tuesday, March 10, 2015 7:10 AM
  • Hi guys,

    I have a solution to solve above mentioned issue. Below I have shared the information about TLS protocol defined fatal alert code is 42. 

    bad_certificate-->There is a problem with the certificate, for example, a certificate is corrupt, or a certificate contains signatures that cannot be verified.

    Friday, October 21, 2016 3:32 PM
    1. Start Registry Editor. To do this, click Start, click Run, type regedt32, and then click OK.
    2. Locate the following key in the registry:
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL
    3. On the Edit menu, click Add Value, and then add the following registry value:

      Value Name: EventLogging
      Data Type: REG_DWORD
      Note After you add this property, you must give it a value. See the table in the "Logging options" section to obtain the appropriate value for the kind of events that you want to log.
    4. Exit Registry Editor.
    5. Click Start, click Shut Down, click to select Restart, and then click OK to restart the computer. (Logging does not take effect until after you restart the computer).
    Thursday, December 14, 2017 1:17 PM

    Note After you add this property, you must give it a value. See the table in the "Logging options" section to obtain the appropriate value for the kind of events that you want to log

    What Table?
    Tuesday, July 31, 2018 2:13 PM

    Note After you add this property, you must give it a value. See the table in the "Logging options" section to obtain the appropriate value for the kind of events that you want to log

    What Table?

    Monday, October 8, 2018 3:55 PM
  • Logging options

    The default value for Schannel event logging is 0x0000 in Windows NT Server 4.0, which means that no Schannel events are logged. In Windows 2000 Server and Windows XP Professional, this value is set to 0x0001, which means that error messages are logged. Additionally, you can log multiple events by specifying the hexadecimal value that equates to the logging options that you want. For example, to log error messages (0x0001) and warnings (0x0002), set the value to 0x0003.

    Value Description
    0x0000 Do not log
    0x0001 Log error messages
    0x0002 Log warnings
    0x0004 Log informational and success events

    https://support.microsoft.com/en-gb/help/260729/how-to-enable-schannel-event-logging-in-iis

    Friday, November 30, 2018 11:04 AM
  • Sadly these links and many like it are no longer active unless you find 404 Errors helpful. Typical Microsoft responses give inks instead of real answers and then kill the linked page. 
    Monday, June 22, 2020 5:30 PM