Event ID: 36885 - Schannel
Posted on 2013-12-12
My event system log is filling up with the following errors:
Log Name: System
Date: 12/12/2013 7:40:12 AM
Event ID: 36885
Task Category: None
When asking for client authentication, this server sends a list of trusted certificate authorities to the client. The client uses this list to choose a client certificate that is trusted by the server. Currently, this server trusts so many certificate authorities that the list has grown too long. This list has thus been truncated. The administrator of this machine should review the certificate authorities trusted for client authentication and remove those that do not really need to be trusted.
One of the fixes is to go through the Trusted Root Certification Authorities and remove any hosts that are not needed. How do I determine what hosts can be removed?
Is there an alternative fix to this? I have to be careful as the Exchange server certificates are installed on this machine.