Event Viewer System Error " Schannel - Event ID 36881" ?

[Thesk]

Hi guys.

Lately i've been receiving this Error message in the Computer Management window.

Event 36881, Schannel

Link to pic, because the size of the pic is 1920x1080
(and i'm to lazy to re-size it, so that it could fit in here )
" onclick="window.open(this.href);return false;" onclick="window.open(this.href);return false;
(as you can see in the pic, that this error is occurring all the time non-stop.)

message:

The certificate received from the remote server has either expired or is not yet valid. The TLS connection request has failed. The attached data contains the server certificate.

I've been diggin' and found out that this event is Server related, but i'm not receiving this event on a server. nor do i have a server in my home.
this error ruined a game i played, it froze up my pc.

how do i get rid of it?
can i somehow restore that TLS connection, that the error message mentions?

many thx Theo

[ayu]

Haven't gotten this issue before, but are you using Wifi or do you have any Symantec products installed?

A lot of answers online seem to have with Wifi or Symantec to do.
Some people have solved it by removing old expired certificates via MMC.

https://support.symantec.com/en_US/arti ... 17817.html" onclick="window.open(this.href);return false;

https://www.experts-exchange.com/questi ... valid.html" onclick="window.open(this.href);return false;

[Thesk]

Haven't gotten this issue before, but are you using Wifi or do you have any Symantec products installed?

A lot of answers online seem to have with Wifi or Symantec to do.
Some people have solved it by removing old expired certificates via MMC.

https://support.symantec.com/en_US/arti ... 17817.html" onclick="window.open(this.href);return false;" onclick="window.open(this.href);return false;

https://www.experts-exchange.com/questi ... valid.html" onclick="window.open(this.href);return false;" onclick="window.open(this.href);return false;

no i don't use products from Symantec. a lot of "answers", "suggestions" etc is about servers even the second link you've posted is about the error happening on client pc trying to connect to wifi on a company/organization network.

For client PC's to access our wireless network we use certificates (WPA2 / AES). These certificates are auto generated upon request from the client PC. These requests are carried out by the intermediate CA Server.

hi own solution:

I ended up fixing my problem. As I noted in my question, iPhones were working correctly with wifi, however my Windows Clients weren't with regards to certificate based authentication. This pinpoints an issue with my windows clients and they way I was setting up the connection for the wireless profile. The fix was to uncheck "Validate server certificate" in the "Smart Card or other Certifiacte Properties page".

i'm sorry to say it but this doesn't apply to me as i don't have a Intermediate CA Server to give me new logon keys for my WIFI (... i think )... the solutions he mentions is ok, but still it doesn't apply to me. As the pc i'm having this error on, is my Gamer/studio pc which is a huge machine, coupled on to a normal Ethernet based 10/100/1000 LAN connection.
My network is basic:
internet : Fiber optics modem from ISP (which has in-built wifi Router)
LAN: 8 port Linksys Gigabit Switch which distributes LAN to:
Gamer pc in the office,
Media Laptop in the living room under the TV,
Storage PC with shared folders.
cables laying free in the kitchen, Bathroom, diner room and an extra in the office

i only use wifi with my smartphones.

so it bugs me, why is this error popping up in my pc which is not a server, nor is it on wifi, neither does it have any Symantec products installed. ?

[ayu]

It's frustrating that the error doesn't give us much details to go on.
So the causing application can be anything I guess.

This doesn't solve the actual problem, but you can try to disable the logging of the error (since it's logging so often).
Not that I think it will help that much, as it's not continuously spamming it.

Another thing I would try would be to:

1: Scan the machine with an update Anti virus (I like bitdefender)
2: Clean it using an application like CCleaner
3: Make sure the computer is up to date with Windows Update

And see what results you get there.
Schannel has had some vulnerabilities in the past so it's not impossible that something is laying in the background trying to exploit it (Unlikely, but we don't have much to go on here).

I was looking up how important SChannel is and if we can disable it, but that seems like a bad solution.

Are you sure that this it the cause of your freezes btw?

[Thesk]

It's frustrating that the error doesn't give us much details to go on.
So the causing application can be anything I guess.

This doesn't solve the actual problem, but you can try to disable the logging of the error (since it's logging so often).
Not that I think it will help that much, as it's not continuously spamming it.

Another thing I would try would be to:

1: Scan the machine with an update Anti virus (I like bitdefender)
2: Clean it using an application like CCleaner
3: Make sure the computer is up to date with Windows Update

And see what results you get there.
Schannel has had some vulnerabilities in the past so it's not impossible that something is laying in the background trying to exploit it (Unlikely, but we don't have much to go on here).

I was looking up how important SChannel is and if we can disable it, but that seems like a bad solution.

Are you sure that this it the cause of your freezes btw?

well i guess i was wrong about that, that Schannel was the cause of my freezes.

i've all those things you've pointed out, and that din't help.

my next question is, What is Schannel anyway? and what is a TLS connection ? and what application (s) is it related to ?

i'm sorry for all the questions, but i can't sort out all information google gives me about Schannel. the things i read about it is complicated stuff and there's so much information of it written in technical English that i have a very hard time to understand.

Cheers !

[ayu]

well i guess i was wrong about that, that Schannel was the cause of my freezes.

i've all those things you've pointed out, and that din't help.

my next question is, What is Schannel anyway? and what is a TLS connection ? and what application (s) is it related to ?

i'm sorry for all the questions, but i can't sort out all information google gives me about Schannel. the things i read about it is complicated stuff and there's so much information of it written in technical English that i have a very hard time to understand.

Cheers !

You know how sometimes you go to HTTP websites, and sometimes HTTPS websites?

HTTP = Clear text (anyone between you and the website can read your information, basically)
HTTPS = Encrypted traffic, meaning just about no one can read it (except NSA and such)

The S in HTTPS stands for secure (or maybe it was SSL, whatever) and means that the connection is using SSL/TLS (encryption, basically).
Loads of applications use it today, and SChannel seems to provide that service in Windows.
In your case it seems that a certificate that SChannel has access to, has expired, for whatever reason.
It's hard to know exactly which application is responsible, but you could try and to what the "server guides" tell you and see if you can find any expired certificates.

If you want to get a bit more technical in trying to solve the issue, you could install Wireshark and look at the traffic.
You could then try to time the Wireshark log with the Event log and try to identify what IP is being connected to (may or may not work, not sure exactly how SChannel works).

Did you do the registry scan with CCleaner?
That usually clears up a lot of mistakes.
And if possible I would also try to remove old unused applications on the machine (and then run the CCleaner clean and registry scan again to remove anything left behind).
Other than that, I'm not sure ... worst case scenario I guess you would have to reinstall to see if that solves the problem.