Schannel Error ID 36888

  • Question

  • In my Windows Server 2008 R2 OS, in the Event Viewer, there is an error: "Schannel Error ID 36888 - The following fatal alert was generated: 10. The internal error state is 10." What is this error? What is the remedy for this error?


    MumthazMuhsin
    Monday, September 26, 2011 11:06 AM

Answers

  • Hi,

    This issue occurs because a handshake fails in TLS 1.0.  Please consider the following scenario:

    • You enable the SSL Inspection feature on a server that has Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1 (SP1) installed.

    • You configure an HTTPS server that does not support Transport Layer Security (TLS) 1.0.

    • You try to access the server repeatedly by using a client computer that has Forefront TMG 2010 SP1 installed.

    In this scenario, all attempts to access the server fail, and the Lsass.exe process leaks memory after every attempt. Additionally, the event entry Schannel Error ID 36888 mentioned above is logged for every attempt.

    To resolve this issue, install the software update that is described in the following Microsoft Knowledge Base (KB) article:

    2288910   Software Update 1 for Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1

    http://support.microsoft.com/kb/2288910

    Besides, there is a similar thread for you to refer to:

    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/4c5430f5-43f6-41b4-97d3-03cfb3efa70b

    Hope it helps!

    Regards,

    Jane

    Tuesday, September 27, 2011 8:47 AM
    Moderator

All replies

  • Hello,

    This is an internal error, and if you want to get more information, you have to contact Microsoft PSS.

    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator


    Monday, September 26, 2011 11:40 AM
  • I have handled this issue. This is not actually an issue that you need to worry about a lot. You can easily ignore this. What you have got to do is make the following registry modification and you are done.

    It occurs due to a certificate negotiation issue when your machine/server tries to communicate with another server/machine using TLS (according to the details I gathered from my experience).

    HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > SecurityProviders > SCHANNEL

    and then go to EventLogging and change its value from 1 to 0


    That's it.

    Thursday, July 11, 2013 6:32 PM
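
An added example, not part of any reply in this thread: a PowerShell sketch that reads the `EventLogging` value discussed above and summarizes Schannel 36888 events by TLS alert code, so the failing handshakes can be identified before logging is changed. The function name `ConvertFrom-SchannelAlert`, the 7-day window, and the assumption that the event message uses the wording quoted in the question are choices made for this example.

```powershell
# Added example (not from the thread): triage Schannel 36888 events.
$SchannelKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

# Subset of TLS alert descriptions from RFC 5246, section 7.2.
$TlsAlerts = @{
    10 = 'unexpected_message';  20 = 'bad_record_mac';         40 = 'handshake_failure'
    42 = 'bad_certificate';     43 = 'unsupported_certificate'; 44 = 'certificate_revoked'
    45 = 'certificate_expired'; 46 = 'certificate_unknown';     48 = 'unknown_ca'
    70 = 'protocol_version';    71 = 'insufficient_security';   80 = 'internal_error'
}

function ConvertFrom-SchannelAlert {
    param([string]$Message)
    # Assumption: the message wording matches the text quoted in the question.
    # Messages in any other format produce no output and are skipped.
    $pattern = 'fatal alert was generated:\s*(\d+)\.\s*The internal error state is\s*(\d+)'
    if ($Message -match $pattern) {
        $code = [int]$Matches[1]
        $name = $TlsAlerts[$code]
        if (-not $name) { $name = 'unknown' }
        New-Object PSObject -Property @{
            AlertCode  = $code
            AlertName  = $name
            ErrorState = [int]$Matches[2]
        }
    }
}

# 1. Current Schannel logging level. The value is a bit mask:
#    0 = none, 1 = errors, 2 = warnings, 4 = informational/success.
$value = Get-ItemProperty -Path $SchannelKey -Name EventLogging -ErrorAction SilentlyContinue
if ($value) { "EventLogging = $($value.EventLogging)" } else { 'EventLogging not set (OS default applies)' }

# 2. Constructed sample: the message text from the question.
ConvertFrom-SchannelAlert 'The following fatal alert was generated: 10. The internal error state is 10.'

# 3. Live data: count 36888 events from the last 7 days per alert code.
$filter = @{ LogName = 'System'; ProviderName = 'Schannel'; Id = 36888
             StartTime = (Get-Date).AddDays(-7) }
Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    ForEach-Object { ConvertFrom-SchannelAlert $_.Message } |
    Group-Object AlertCode, AlertName, ErrorState |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

Setting `EventLogging` to 0 stops these events from being recorded at all, so run the summary first and keep its output if the registry change from the last reply is applied.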