Solved

Schannel error logged every few seconds in SYSTEM log ?

Posted on 2015-01-28
5
4,699 Views
Last Modified: 2015-02-12
People,

I'm having a strange problem that I'm still investigating and don't understand, I have looked through the Event viewer in one of my backup server and it seems that the SChannel error is logged daily every few seconds ?

see the below error:

Log Name:      System
Source:        Schannel
Date:          29/01/2015 10:32:31 AM
Event ID:      36888
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      BackupServer01.domain.com
Description:
The following fatal alert was generated: 40. The internal error state is 1205.

Log Name:      System
Source:        Schannel
Date:          29/01/2015 10:32:31 AM
Event ID:      36874
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      BackupServer01.domain.com
Description:
An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Log Name:      System
Source:        Schannel
Date:          29/01/2015 10:32:20 AM
Event ID:      36874
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      BackupServer01.domain.com
Description:
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Open in new window


The server is Windows Server 2008R2 SP1 running as physical box HP DL 380p G7

From the backup application perspective, I see there is no error and it functioning as it should, but somehow I still don't understand as to why it is logged continuously every 10-20 seconds.

Any idea please ?
0
Comment
  • 3
  • 2
5 Comments
 
LVL 77

Assisted Solution

by:arnold
arnold earned 500 total points
ID: 40577974
The error, "An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed."
The ciphers

You've followed the recent suggestions by MS to disable the ssl 3.0 support on your system via "registry edit" of schannel and cipher suit.

The client is still trying to use SSL 3.0 which is what this error says,
The TLS error says the options available on this system do not include the ciphers for TLS that the client has.


Is the log entry from backupserver01 if not, backupserver01 is the one having an issue, check what SChannel settings it has and what ciphers for TLS does it have.
Is it also a windows 2008 or newer server, or older?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40578530
BackupServer01 is a physical box running Windows Server 2008 R2
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 40578592
The issue in the two messages deals with mismatch in cryptography (encryption) your schannel setting is to deny SSL 3.0.  Your TLS enabled ciphers are not available on the client system that makes the connection attempts.

Does this system have a CA role installed?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40578621
No, it only have Backup Exec 2012 and also Veeam backup running.
0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 40607329
Thanks !
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question