AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of principiamanagement
principiamanagement
Flag for Indonesia asked on

Schannel Error, System Event Log 36887

from last 2 weeks all our Win 8 / 8.1 machines started to behave erratically

Below is error message in the EventLog

A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

and most of the applications dont work

iTunes Error - 0x80090326
Evernote Error - Could Not connect to the server
Windows Update - 0x80072EFE

All error point to network, but the network is good and we ruled it out becuase of the following

a packet capture revealed that there is a SSL3_ALERT_UNEXPECTED_MESSAGE / SEC_E_ILLEGAL_MESSAGE due to this the SSL handshake after the TCP Connection becomes fatal

Any help appreciated
SK
Windows 8SSL / HTTPSEncryption
Avatar of undefined
Last Comment
paarun
8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
paarun
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
principiamanagement
ASKER
yes correct but it was updated by a newer version of the patch https://support.microsoft.com/en-us/kb/2992611

but it really wired that we started having this problem 2 weeks ago on all of our win 8 machine


THanks
SK
SOLUTION
paarun
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
principiamanagement
ASKER
we have a WSUS and did approved patches in the last 2 week. But thanks for the reminder on Patch Tuesday and seems thats the best shot I have
principiamanagement
ASKER
Hi Paarun, we had two

    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,

configured on our GPO which was causing this issue. Once we remove those all communications were ok.
Your help has saved me hundreds of hours of internet surfing.
fblack61
paarun
That's great. Good to hear you found the issue.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent