Link to home
Start Free TrialLog in
Avatar of Daniel Checksum
Daniel ChecksumFlag for United States of America

asked on

A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 46. How do I begin troubleshooting this?

I have little to no experience dealing with certificates.  The most I've done with them is "ordered" a few from the vendor.  Didn't actually do any of the install.  I get these SChannel 36887 errors 2-3 times per minute on an exchange 2013 server running server 2012.  Where do I begin?  There is a certificate utility i've opened and it shows our certificate for the server expiring in 2020.  What else can I do with this?
SOLUTION
Avatar of Marshal Hubs
Marshal Hubs
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Daniel Checksum

ASKER

The link you provided recommends a security update, but does not have a patch for Server 2012.  Furthermore, it would be near impossible to touch each non-windows device that utilizes email.  Is there any way to narrow this down better?
SOLUTION
Avatar of giltjr
giltjr
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
To the 1st question:  The alert says "unknown certificate" so no, it doesn't know what it needs to point to.  When opening the certificate utility Exchange2013 has the proper hostname and expiration date.  I have a cert listed for:  WMSVC, Microsoft Exchange, Microsoft Exchange Server Auth Certificate, and WebMail.  


Error info:  (46)
- System
  - Provider
   [ Name]  Schannel
   [ Guid]  {1F678132-5938-4686-9FDC-C8FF68F15C85}
   EventID 36887
   Version 0
   Level 2
   Task 0
   Opcode 0
   Keywords 0x8000000000000000
  - TimeCreated
   [ SystemTime]  2016-11-15T14:00:10.979330100Z
   EventRecordID 282082
   Correlation
  - Execution
   [ ProcessID]  540
   [ ThreadID]  15816
   Channel System
   Computer Exchange2013.domain.com
  - Security
   [ UserID]  S-1-5-18
- EventData
  AlertDesc 46
OK, i've narrowed it down to the Microsoft Exchange Server Auth Certificate.  When "testing" I get "The private key was successfully tested.  Revocation check for certificate chain failed."
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks everyone, I now have a direction to move towards and most likely a solid resolution.  I simply needed to know which direction to go, thank you all.