-DJL-
asked on
Event Log - Schannel Event ID: 36888
I am in the process of setting up a Microsoft TMG Enterprise server on a new Dell PowerEdge R610
I have installed Windows Server 2008 R2 Enterprise, Exchange 2010 Edge Transport Service, ForeFront 2010 for Exchange and finally TMG 2010 as per the TechNet TMG installation guides.
This is the first TMG server I have setup with the Exchange Edge Transport Service.
Around the point at which I installed Exchange 2010, the system event log started filling up with the following entries:
Source: Schannel
Event ID: 36888
User: System
Message: The following fatal alert was generated: 10. The internal error state is 10.
TMG seems to be working correctly - proxy, web filtering, server publishing etc
I have installed two SSL certificates - one was requested from our internal certificate server and I have Exchange enabled that certificate for SMTP. The other certificate is our public SSL certificate we use for website publishing - and ultimately SMTP but in case their were problems with the intermediate certificates I haven't yet enabled it for SMTP.
I'm having trouble finding any useful information about the Schannel error - can anyone help.
Thanks.
I have installed Windows Server 2008 R2 Enterprise, Exchange 2010 Edge Transport Service, ForeFront 2010 for Exchange and finally TMG 2010 as per the TechNet TMG installation guides.
This is the first TMG server I have setup with the Exchange Edge Transport Service.
Around the point at which I installed Exchange 2010, the system event log started filling up with the following entries:
Source: Schannel
Event ID: 36888
User: System
Message: The following fatal alert was generated: 10. The internal error state is 10.
TMG seems to be working correctly - proxy, web filtering, server publishing etc
I have installed two SSL certificates - one was requested from our internal certificate server and I have Exchange enabled that certificate for SMTP. The other certificate is our public SSL certificate we use for website publishing - and ultimately SMTP but in case their were problems with the intermediate certificates I haven't yet enabled it for SMTP.
I'm having trouble finding any useful information about the Schannel error - can anyone help.
Thanks.
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
<EventID>36888</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2010-01-15T19:23:40.831677400Z" />
<EventRecordID>62593</EventRecordID>
<Correlation />
<Execution ProcessID="556" ThreadID="5096" />
<Channel>System</Channel>
<Computer>SERVER.DOMAIN.COM</Computer>
<Security UserID="S-1-5-18" />
</System>
- <EventData>
<Data Name="AlertDesc">10</Data>
<Data Name="ErrorState">10</Data>
</EventData>
</Event>
Generally I would not prefere to run Exchange and TMG on the same machine.
It could result in various errors ... had a similar problem some years ago with ISA 2006!
Regards Dave
It could result in various errors ... had a similar problem some years ago with ISA 2006!
Regards Dave
ASKER
CompanionCube, i've check everything per that ISA article and all appears ok.
I have noticed that compared to my test TMG server there are significantly fewer certificates in the "Trusted Root Certification Authority" and "Third-Part Root Certification Authority" stores. Any ideas what causes these stores to differ?
Dave, TMG is designed to be installed with the Exchange Edge Transport service and Forefront 2010 to provide email virus scanning/spam filtering at the network perimeter.
Thanks,
Daniel
I have noticed that compared to my test TMG server there are significantly fewer certificates in the "Trusted Root Certification Authority" and "Third-Part Root Certification Authority" stores. Any ideas what causes these stores to differ?
Dave, TMG is designed to be installed with the Exchange Edge Transport service and Forefront 2010 to provide email virus scanning/spam filtering at the network perimeter.
Thanks,
Daniel
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
DJL,
I am having this error every 10 minutes, alternating to every 20 minutes, on a dell R710 with server 2008 R2. Are you convinced its the NIC drivers ? It's only started happening the last day for me..
Ben
I am having this error every 10 minutes, alternating to every 20 minutes, on a dell R710 with server 2008 R2. Are you convinced its the NIC drivers ? It's only started happening the last day for me..
Ben
ASKER
Hi Ben,
No i'm not anymore. There was a thread about this on the Microsoft TechNet forums but no solution was found.
Are you running TMG or Exchange 2010?
No i'm not anymore. There was a thread about this on the Microsoft TechNet forums but no solution was found.
Are you running TMG or Exchange 2010?
I have the same issue and I'm running neither TMG nor Exchange. I am running Win 2008 Ent with Hyper-V
Same issue on a Sharepoint 2010, Windows 2008 R2 box.
Schannel > Fatal Alert 10 > Internal Error 1203
Running on an HP Proliant DL360 G6 with Teamed NICs
Forefront for Sharepoint is also installed.
It seems that when this error occurs the server will freeze and requires a hard reboot.
Schannel > Fatal Alert 10 > Internal Error 1203
Running on an HP Proliant DL360 G6 with Teamed NICs
Forefront for Sharepoint is also installed.
It seems that when this error occurs the server will freeze and requires a hard reboot.
I found a thread that stated it has to do with the TLS Setting in IE8. Might check under Tools >> Internet Options, and then Look at the Security section and try unchecking all TLS boxes and seeing if the issue persists.
any luck with this? I am having the same issue
me too...
Virtual Windows Sever 2008 R2 Ent running nothing but exchange 2010. The error started 2 weeks ago and nothing suggested has helped. Nothing was installed in that time or anything funny like that. All other VR machines running on the physical server are not having this issue.
Physical 2008 R2 Ent box with SQL 2008 R2 on it. Same Schannel error at the exact same time every day (12:00)
http://forums.isaserver.org/m_2002046069/mpage_1/key_/tm.htm#2002046636
"That is a valid message and indicates that you've messed up the common names on the certificates or you're not referring to the servers by their common names or your DNS is [incorrect]"