Windows Certificates (Schannel 36885)

Ohh, Blog post by Email ;-)

Okay so following on from my last post (https://blog.flaphead.com/2014/03/16/windowspowershell-and-windows-certificates-2/) I wanted to share the reason behind the script.

We have been seeing lots of these in the System Event Log on out Exchange Servers:

Log Name: System
Source: Schannel
Event ID: 36885
Description:
When asking for client authentication, this server sends a list of trusted certificate authorities to the client. The client uses this list to choose a client certificate that is trusted by the server. Currently, this server trusts so many certificate authorities that the list has grown too long. This list has thus been truncated. The administrator of this machine should review the certificate authorities trusted for client authentication and remove those that do not really need to be trusted.

It turns out this is because Update for Root Certificates For Windows Server 2008 R2 x64 Edition [December 2012] (KB931125) was installed on some of the Exchange Servers but not all.

So I have another script to show Installed and Pending windows updates ;-) that I will share later.

Hope this helps

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: