@Friend, пасиба попробую чуть позже. Система естественно оригинальная Win 7 Max Service pack 1, я ею пользовался на прошлом жестком в течении 4-5 лет без проблем.
Ребят тут ещё вот что вспомнил,а могут ли эти параметры как то повлиять на появление ошибки Schannel 36887 и 36871 ???
» Пуск/Панель управления/Система,
открой вкладку Оборудование и нажми кнопку Диспетчер устройств.
Найди опцию Порты (COM или LPT), дальше жми плюсик и после того как развернулось меню выбираешь Последовательный порт (COM1). Щелкни правой кнопкой мыши и выбери Свойства.
В открывшемся окне перейди на вкладку Параметры порта и в пункте скорость выбираешь 115200 (38400) вместо жалких 9600,жмёшь ОК.
3. Дальше настраиваешь пропускную способность канала. Пуск / Выполнить, вводишь в командную строку команду gpedit.msc и нажимаешь ОК.
Выбираешь Конфигурация компьютера / Административные шаблоны / Сеть / Планировщик пакетов QoS / Ограничить резервируемую пропускную способность.
В открывшемся окне на вкладке Параметр ставишь галочку Включен.
В окне Ограничение пропускной способности (%) выставляешь 0 (там по умолчанию будет 20)(Я поставил 10%) . После того как поставил 0 – жмёшь Применить, а потом ок.
@Friend, а не могли бы Вы пояснить SmartFix:
1) SmartFix можно ли ей воспользоваться, не прибегая к установке всех обновлений Виндовс (по вашей ссылке выше)?
2) Собственно как работает сам SmartFix,просто по ссылке написано что он интегрируется в систему востановления виндовс и т.п (А то меня гуглхром уже оповестил о том что данный файл может нанести вред,смешно,но все таки).?
Изменено пользователем oROCKuro
The Problem: You open up the Windows event viewer and see loads of Red SChannel 36887 errors. If you’re like most admins, you want to fix this problem, but can’t really figure out how. These errors are notoriously hard to resolve because they don’t often happen regularly. Most of the time, you don’t know the exact configuration that caused the error, so it’s impossible to replicate the errors in a way that allows you to run wireshark to figure things out directly, so you just have to go off the error message and what it includes. In this post, I’ll go over the schannel 36887 errors, what it means, and what you should do about it.
What is SChannel?
SChannel is a shortened term for the Secure Channel system, which is what Windows uses to authenticate access and encrypt data. All of the protocols and authentication techniques are included in the SChannel system and any errors in this system are going to represent problems with processing. One thing to remember when addressing these errors; they only apply to HTTPS or other SSL/TLS encrypted sessions, unless they are tied to Active Directory domain replication or authentication errors. My focus in this article, though, is HTTPS, so we’ll ignore the other systems.
What is the 36887 Error?
SChannel 36887 errors occur when something happens with SSL/TLS sessions on the server. The error itself can mean a number of things, and you have to read the error message to find out what is causing the error. In almost every situation, these error happen because of issues with the client computer and not the server itself. There are some situations where there’s a problem with the server, but these are not as common. The frequency of the events can help you determine if there’s some problem with the server’s ability to encrypt data. If you get these events constantly, there is likely some issue with the certificate installed on the server that is encrypting HTTPS sessions, and you’ll want to investigate further. Later on, I’ll go over some of the error codes tied to the 36887 error and what you can do about them.
Figuring out the Cause
When viewing the 36887 errors, you will want to open up the error itself and look at what shows up the the general tab’s error information. You’ll want to look for a 2 or 3 digit error code as shown below:
Note the circled error number. You’ll need this information to determine the root cause of the error. In the next session, I’ll go over some of the codes in the next section.
Schannel 36887 Errors and What They Mean
There are quite a few of these error codes, and some of them are pretty confusing or not helpful. I won’t go over all of them, but I will highlight some of the more important ones. You can find a full list of the error codes and what the errors are at Microsoft’s document on the subject. If you are getting an error message that is listed there as “SSL3-” and whatever, disable SSL3.0. I won’t cover any of the SSL3 error codes here because they are old and I don’t want to encourage people to use SSL3.0.
Error 20 – This is an error you really want to look out for, because it’s an indicator that there is a man-in-the-middle attack going on. This error really only happens when the MAC address on the message is changed or corrupted. It’s very rare, and can happen with network corruption errors, but is also an indicator that someone is attempting to spoof MAC addresses or the MAC address on the message was changed. Investigate this heavily.
Error 21 – An error occurred when the server attempted to decrypt a message from the client. This one is weird and difficult to figure out. Most likely caused by network errors that corrupt the message in transit. If these are happening regularly, check your network for communication errors. If the network is fine, look for corruption on the server. I’ve never actually seen this error in the wild, so hopefully you don’t either.
Error 42 – The certificate is bad. Nobody knows *why* the certificate is bad, but it’s bad. Best solution here is to replace the certificate used for encryption. In the words of Pepe the King Prawn, you must “smack [it] like a bad, bad donkey, okay?”
Error 43 – The certificate isn’t supported. Usually this means that the client doesn’t support any of the encryption protocols defined by the certificate. If you can figure out which client is tripping this error, you can set it up to accept those authentication errors. In general, though, this only happens if the certificate is really really old.
Error 44 – The certificate has been revoked. You won’t see this error often, but just means that the certificate in use is not longer usable because it is insecure in some way. Just generate a new certificate and replace this one, because the one that is installed will never work again. Note that client machines cannot connect if this error is happening.
Error 45 – The certificate has expired and needs to be replace. All Digital Certificates have an expiration date and should not be used once they expire. Again, replace the certificate to fix this error. Clients can usually still connect when a certificate expires, but some web clients will not allow users to connect to systems with expired certificates.
Error 46 – This one is weird. The error means there has been an error with the certificate, but the system doesn’t recognize the error or doesn’t really know what happened. Often, you’ll see this error when users connect with out of date devices or browsers. However, it can also represent an attempt (usually a failed attempt) to break TLS encryption by a bad actor (A hacker. Not Paris Hilton). Most of the time you can ignore this error, but if the server is available from the Internet in any way, look into implementing a reverse proxy to protect against hacks that try to take advantage of flaws in encryption protocols.
Error 48 – The client doesn’t trust the Certificate Authority that created the certificate. This is usually easy to fix, and involves exporting a copy of the root CA certificate and importing it to the client’s computer in the Third Party Root Certificate Authorities store or the Trusted Root Certificate Authorities store. Specific instructions are available from Microsoft.
Error 49 – Access denied. This is an odd one. It doesn’t mean that access to the webpage was denied, it means that the client or server doesn’t have permission to use the certificate. Most often this will happen because the System or Machine account doesn’t have permission to read the Private Key on the certificate. Instructions to fix this are available from Watchguard. Just include the SYSTEM account in the ACL and grant it full permission. You may also need to grant this permission to NETWORK SERVICE, but don’t grant it to all users.
Error 51 – The message failed to decrypt. Usually caused by network corruption issues, but can be caused by an attempt to tamper with the message or because something was wrong with the encryption protocol that was used. If you see this regularly, dig into your network. This may also be caused by improper implementation of SSL/TLS, and needs to be fixed in the application itself.
Error 60 – The certificate in use was exported when export wasn’t authorized or an attempt to export an un-exportable certificate failed. Can signify at attempt to obtain the private key of the certificate for use in a hack, but mostly happens if you attempt to copy a cert that doesn’t support export.
Error 70 – The encryption protocol that the client or server attempted to use is not supported by the other system. This can occur if you have a Windows XP client that attempts to access a server that only support TLS1.2 or later, or a specific crypto-suite isn’t available to the client machine. If this happens, you need to allow older TLS protocols on the server (not recommended), Allow newer protocols on the server (if the server doesn’t support newer protocols, make sure it does), or upgrade whichever system doesn’t support newer protocols.
Error 71 – Pretty similar to error 70, this occurs when one system doesn’t support an encryption algorithm defined in the certificate. The fix is the same as error 70.
Error 80 – Service engine soon. In other words, something broke on the server, but it won’t tell you what. This error should be surrounded by some other errors that you can use to troubleshoot the problem, or you can just ignore it. Up to you.
Error 90 – This happens if a session is cancelled before completion. With the speed things happen these days, you aren’t likely to see this error. It can, however, be an indicator of attempted hack.
Error 110 and 111 – These are similar to 80, in that they represent unknown or totally arcane issues that are difficult to fix. Look around the error for clues.
Results
Hopefully the list of errors and solutions to them above will help you when you are dealing with these error messages. A lot of times, the 36887 error can be ignored, but sometimes there is a problem that needs to be fixed. Use this guide if you run into these errors so you can fix them and clean up your error logs.
Advanced search…
-
Latest activity
-
Register
Log in
Register
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
-
Still running Windows 7 or earlier? Support for Windows 7 ended on January 14th 2020. Please review the thread here for more details.
-
Microsoft Support & Malware Removal
-
Windows 7 | Windows Vista
You should upgrade or use an alternative browser.
what is schannel error 36887 fatal alert 70/80
-
Thread starter
Thread starterChuckR
-
Start date
Start date
C
ChuckR
Member
- Joined
- Nov 24, 2016
- Posts
- 301
-
-
#1
I run Windows 7 Professional 64bit. I run Google latest version. I run an NVIDIA graphics card. I have FireFox installed and I seldom use it.
The error started 12/07/2019 from what I can find in the Event Log.
Last edited:
xrobwx71
Administrator
- Joined
- Sep 27, 2019
- Posts
- 2,909
- Location
-
Panama City Beach, FL
-
-
#2
Event ID: 36887 Source: Schannel
70 - protocol_version - The protocol version the client attempted to negotiate is recognized, but not supported.The following fatal alert was received: 70
Has Sysnative Forums helped you? Please consider donating to help us support the site!
Share:
Facebook
X
Bluesky
LinkedIn
Reddit
Pinterest
Tumblr
WhatsApp
Email
Link
-
Microsoft Support & Malware Removal
-
Windows 7 | Windows Vista
Ошибки 36874, 36887, 36888 Schannel стали регулярно появляться на сервере Exchange 2013. За целый день накапливались десятки сообщений, но при этом работоспособность сервера нарушена не была.
Сокращение Schannel означает Secure Channel 1 – библиотека, криптографический провайдер (Security Support Provider – SSP), используемый для взаимодействия по протоколу http. По большому счету ошибки 36874, 36887, 36888 не сигнализируют о какой-то серьезной проблеме на сервере, а служат скорее для отладки взаимодействия с клиентами. Именно поэтому лишние оповещения от Schannel могут быть просто отключены.
Тем не менее, обилие одних и тех же ошибок Schannel осложняло диагностику на сервере и надо было от них избавляться.
Хочется задать вопросы или поделиться знаниями? Приходи в наш закрытый Telegram-чат.
Традиционно в самом начале диагностические сведения об ошибках, чтобы вы могли их точно идентифицировать у себя. Schannel 36874:
|
Получен запрос на подключение TLS 1.2 от удаленного клиентского приложения, но ни один из поддерживаемых этим приложением комплектов шифров не поддерживается сервером. Запрос на подключение SSL завершился с ошибкой. |
Schannel 36887:
|
С удаленной конечной точки получено оповещение о неустранимой ошибке. Определенный в протоколе TLS код оповещения о неустранимой ошибке: 46. |
Schannel 36888:
|
Оповещение о неустранимой ошибке было создано и отправлено удаленной конечной точке. Это может привести к разрыву соединения. Определенный в протоколе TLS код оповещения о неустранимой ошибке: 10. Состояние ошибки Windows SChannel: 1203. |
Для отключения индикации ошибок достаточно задать нужное значение параметра EventLogging в ветке реестра:
|
HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL |
При этом он может принимать следующие значения:
| Значение | Описание |
|---|---|
| 0x0000 | Не записывать в журнал |
| 0x0001 | Журнал сообщений об ошибках |
| 0x0002 | Журнал предупреждений |
| 0x0004 | Журнал информационные и успешные события |
Вариант 0x0000 меня полностью устраивает.
Открыв нужную ветку реестра, я не увидел раздела SCHANNEL. Поиск по всему реестру по вхождению SCHANNEL выдал:
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurityProviders\SCHANNEL |
Это не совсем то, о чем говорится в статье Microsoft 2, но можно попробовать задать нужные настройки и в этих ветках реестра. Кстати, это помогло.
Напоминаю, что все изменения в реестре вы выполняете на свой страх и риск, перед изменениями не забудьте сделать бэкап. Некорректные настройки могут привести к остановке работы сервера.
Может быть вам поможет дополнительная статья по кодам ошибок SSL 3. Найти больше информации по настройке и администрированию Exchange 2013 на моем блоге вы сможете в основной статье тематики – Exchange 2013 — Установка, настройка, администрирование.
A lot of Windows users are reporting that they’re suddenly encountering a lot of different Schannel Error entries inside Event Viewer with the 36887 ID. The error message accompanied by the error code is ‘A fatal alert was received from a remote endpoint. Fatal Alert 42’.
SChannel is essentially a set of security protocols that facilitate the implementation of encrypted identity authentication and secure communications between the involved parties.
As it turns out, several different causes might end up triggering the SChannel Error 36887:
- Missing EventLogging value in Registry – You might end up seeing this error because your system doesn’t have a dedicated registry key where it can dump events of this kind. To fix this issue in this car, you’ll need to create the EventLogging value manually via Registry Editor.
- TLS 1.0 was disabled by KB3161606 update – As it turns out, there is one particular update (KB3161606) that might end up producing these kinds of event errors since it effectively disables TLS 1.0. If you are still using applications that make use of this technology, you should be able to fix the issue by uninstalling the patch and blocking its installation.
- 3rd party AV interference – If you’re using ESET Antivirus, chances are you’re seeing this error because this 3rd party suite is effectively blocking any attempt at using TLS 1.0 Encryption. The only way to fix the problem is to uninstall the 3rd party AV suite and go for a different 3rd party suite.
- System file corruption – As it turns out, system file corruption can also be responsible for the apparition of this particular error message. If corruption among your system file is responsible for the error, you can fix the problem by running SFC or DISM scans to replace any damage instances with healthy copies.
- TLS Options are being used by IE – Another reason that might ultimately spawn this error is an instance where Internet Explorer or Microsoft Edge is permitted to run old TLS Encryptions. In this case, you can make the event views stop by disabling TLS options via the Internet Options menu.
- CCleaner v5.06 is interfering with TLS files – As it turns out, there is one file known for its interference with the core component of TLS encryption. In this case, you will need to uninstall the current CCleaner version before reinstalling the latest version to fix the problem.
Creating the EventLogging Registry key
As it turns out, the SChannel Error 36887 (Fatal Alert 42) can occur because your system doesn’t have a dedicated registry key where it can dump events of this kind.
If this scenario is applicable, you should be able to fix this issue by using Registry Editor to create the EventLogging key inside SecurityProviders/Schannel. This operation was confirmed to be successful by a lot of affected users that were encountering this issue on Windows Server versions.
Here’s a quick step by step guide on applying this fix on every recent Windows server version:
- Press Windows key + R to open up a Run dialog box. Next, type ‘regedit’ and press Enter to open up the Registry Editor. When prompted by the UAC (User Account Control), click Yes to grant administrative privileges.
Opening the Registry Editor - Once you’re inside the utility, use the left-hand menu to navigate to the following location:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL
Note: You can either get there manually or you can paste the location directly into the navigation bar and press Enter to get there instantly.
- After you get to this location, move over to the right-hand section and check if you have an EventLogging key.
Note: If you already have this key, skip the following steps and move directly to the next potential fix below. - In case the EventLogging key is indeed missing, right-click on an empty space and select NEW > Dword (32-bit) value to create a new key. Next, name the newly created value to EventLogging.
Creating the EventLogging value - Once the key has been successfully created, double-click on it and set the Value Data to 1 and the Base to Hexadecimal. Next, click Ok to save the changes.
Disabling EventLogging for SCHANNEL - Reboot your computer and see if the problem is fixed once the next system startup is completed.
In case you’re still encountering constant SChannel Error 36887 Event Viewer entries with the same error or this scenario was not applicable, move down to the next potential fix below.
Uninstall Microsoft Windows Patch (KB3161606)
As it turns out, one of the most common causes that will end up causing the Schannel 36887 error is a Microsoft Windows update patch KB3161606 that ends up disabling TLS 1.0. This technology is a now-deprecated predecessor to Secure Sockets Layer (SSL), but some applications might still use it.
Depending on the applications that you use, there are a lot of applications that might be affected by this – basically, any product that requires TLS 1.0 to maintain the full functionality of the product.
If you find yourself in this scenario and you’re looking for a way to revert to the old behavior and re-enable TLS 1.0, you will need to revert the update that made this machine change.
To do this, you will need to revert the KB3161606 Windows Update and prevent it from ever being installed on your machine again. Here’s a quick step by step guide on doing so:
Note: These steps will assume that the problematic update only got installed recently, and you have a viable System Restore point to work with.
- Open up a Run dialog box by pressing Windows key + R. Next, type ‘rstrui’ inside the text box and press Enter to open up the System Restore utility.
Opening the System Restore wizard via Run box - Once you’re inside the System Restore utility, click on Next at the very first prompt, then check the box next to Show more restore points to see a full list of available system restore points.
- After you do this, select a restore snapshot that is dated right before the problematic Windows Update was installed and you started seeing frequent Schannel 36887 Errors.
Restoring your system to a previous point in time - Once you get this far, you are ready to use this utility – All you have to do now is click on Next, then Finish to complete the operation. Your computer will then restart and every change made since then (including the installation of the KB3161606 error will be reverted.
- At the next system startup, you will need to ensure that the update doesn’t get installed once again. If you leave it like this, Windows will automatically reinstall the update that ends up disabling TLS 1.0 encryption. To ensure that doesn’t happen, you will need to hide that particular update.
- To hide the update, you will need to download and install the official Microsoft Show or Hide troubleshooter package from this link (here).
- After you download the executable, double-click on it to open the utility and click on Advanced to enable Apply repairs Automatically before clicking Next to continue.
Applying repairs automatically - Once you get to the next screen, wait patiently until the initial scan is finished, then click on Hide Updates.
Hiding updates - After you do this, check the box associated with the KB3161606 update, then click on Next to advance to the final screen below.
Hiding updates - Wait patiently until the procedure is complete, then reboot your computer to make the change permanent.
- Once the next startup is complete, you can open the Event Viewer and check for any new instances of the SChannel Error 36887. In case you were encountering these errors due to TLS 1.0 Encryption, new entries of the same errors should no longer appear.
In case this method is not applicable or you followed the instructions and you still get the same constant SChannel Error 36887 in Event viewer, move down to the next potential fix below.
Uninstalling ESET Antivirus
As it turns out, ESET Antivirus Endpoint protection is not a big fan of the now deprecated TLS 1.0 Encryption. If you have any programs that still use this old technology, you will need to uninstall ESET to fix the issue (disabling the real-time protection will not work since this block is enforced at a firewall level.
Some users that were also dealing with persistent Event viewers related to Shannel have confirmed that no new errors of this kind were ever reported once they’ve removed the AV from their system.
This is not the most elegant solution, but it’s a quick fix in case you can afford to switch over to Windows Defender or another 3rd party equivalent. Here’s a quick guide on uninstalling Eset Antivirus:
- Press Windows key + R to open up a Run dialog box. Next, type ‘appwiz.cpl’ and press Enter to open up the Programs and Features window.
Typing in “appwiz.cpl” in the Run prompt - Once you’re inside the Programs and Features menu, scroll down through the list of installed applications and locate the entry associated with Eset antivirus.
- When you see it, right-click on it and choose Uninstall from the context menu to begin the installation process.
Uninstalling ESET antivirus - At the uninstallation screen, follow the on-screen instructions to complete the process, then restart your computer and see if the problem is fixed at the next startup sequence.
In case you’re still seeing frequent SChannel Error 36887 entries in Event viewer, move down to the next potential fix below.
Running SFC and DISM scans
Under certain circumstances, you can expect to see this error due to some type of system file corruption that ends up affecting your machine ability to handle TSL encryption. In this case, you will need to run a couple of utilities equipped to find and fix instances of corrupted system files.
Fortunately, every recent Windows version is equipped with two built-in tools capable of helping you do this: System File Checker (SFC) and Deployment and Image Servicing and Deployment (DISM).
Both utilities will ultimately help you clean your system for system file corruption, but they operate differently – DISM relies on a Windows Update subcomponent to download healthy copies for the files that need to be replaced while SFC retrieves healthy files from an archive that is stored locally.
Our recommendation is to run both utilities in quick succession to improve your chances of fixing the issue. Start with a simple SFC scan and once the operation is complete, restart your computer and start a DISM scan.
Note: Keep in mind that before running DISM, you will need to ensure that your Internet connection is stable.
After both scans have been successfully performed, reboot your computer and see if you’re still seeing the same constant SChannel Error 36887 (Fatal Alert 42) errors in Event viewer.
In case the same problem is still occurring, move down to the next method below.
Disabling the use of TLS Options
In case you notice that these Schannel errors are somehow triggered by your web surfing (whenever you visit certain websites), it’s very likely that the error gets triggered when you visit sites that don’t use TLS encryption.
In this case, you can ensure that the same errors aren’t thrown ever again by this scenario by disabling the Use TLS option inside your Internet Options menu. This is not ideal since it might leave your system vulnerable to certain browser hijackers, but it serves as a reliable temporary fix.
Here’s a quick guide on disabling the use of TLS Options via the Internet Options menu:
- Press Windows key + R to open up a Run dialog box. Next, type ‘intetcpl.cpl’ inside the text box and press Enter to open up the Internet Options screen.
Opening the Internet Properties screen - Once you’re inside the Internet Properties screen, click on the Advanced tab and then scroll down to the Security entry inside the Settings menu.
- Next, uncheck every box that starts with Use TLS and click Apply to save the changes.
Disabling the use of TLS from Internet Properties - After you save the changes, restart your machine and see if the problem is fixed at the next computer startup.
In case you’re still stuck with the same SChannel Error 36887 (Fatal Alert 42) error, move down to the next potential fix below.
Installing the Latest version of CCleaner (if applicable)
As it turns out, this problem can also be caused by an older version of a 3rd party cleaning app called CCleaner from Piriform. This particular problem is only reported to occur with version 5.06.
If this scenario is applicable and you have CCleaner installed on your computer, you should be able to fix the issue by uninstalling the current CCleaner version and then reinstalling the latest. This operation was confirmed to work by several affected users that we’re encountering the SChannel Error 36887 (Fatal Alert 42) error.
If this applies to you too, follow the instructions below to uninstall current CCleaner and reinstall the latest version:
- Press Windows key + R to open up a Run dialog box. Next, type ‘appwiz.cpl’ and press Enter to open up the Programs and Files menu.
Type appwiz.cpl and Press Enter to Open Installed Programs List - Once you’re inside the Programs and Features menu, scroll down through the list of installed programs and locate CCleaner. When you see it, right-click on it and choose Uninstall from the newly appeared context menu.
Uninstalling CCleaner - Next, follow the on-screen instructions to complete the uninstallation, then restart your computer.
- At the next computer startup, visit this link (here) and wait for the download to complete.
Downloading CCleaner - Once the download is complete, open the installation executable that you just downloaded and follow the on-screen prompts to complete the installation of the newest version>
Installing CCleaner - After installing the newest version, reboot your computer and see if you spot any new instances of the SChannel Error 36887 inside Event Viewer after the next startup is complete.
