Consistent Schannel Errors - Event ID 36882

I am getting multiple Schannel errors every 5mins or so.  The error is a Schannel error with Even ID 36882 and reads:

The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The TLS connection request has failed. The attached data contains the server certificate.

When I look at the details view - it seems like it does not like my Office 365 SIP.MYDOMAIN.COM  definition.   This domain was defined when I signed up for Office 365 and it wanted me to setup DNS records.

From what I can tell, my Skype for business still works, so not sure what the issue is.

This is an extract of the details, you will see that Sophos is mentioned and also my sip domain.

0048: 4F 78 66 6F 72 64 73 68 Oxfordsh
0050: 69 72 65 31 0F 30 0D 06 ire1.0..
0058: 03 55 04 0A 0C 06 53 6F .U....So
0060: 70 68 6F 73 31 0C 30 0A phos1.0.
0068: 06 03 55 04 0B 0C 03 4E ..U....N
0070: 53 47 31 26 30 24 06 03 SG1&0$..
0078: 55 04 03 0C 1D 53 6F 70 U....Sop
0080: 68 6F 73 20 53 53 4C 20 hos SSL
0088: 43 41 5F 43 30 31 30 30 CA_C0100
0090: 31 38 52 44 36 44 37 57 18RD6D7W
0098: 37 42 31 21 30 1F 06 09 7B1!0...
00a0: 2A 86 48 86 F7 0D 01 09 *†H†÷...
00a8: 01 16 12 73 75 70 70 6F ...suppo
00b0: 72 74 40 73 6F 70 68 6F rt@sopho
00b8: 73 2E 63 6F 6D 30 1E 17 s.com0..
00c0: 0D 31 36 30 32 31 31 30 .1602110
00c8: 33 30 31 35 31 5A 17 0D 30151Z..
00d0: 31 39 30 34 30 33 30 33 19040303
00d8: 30 31 35 31 5A 30 1B 31 0151Z0.1
00e0: 19 30 17 06 03 55 04 03 .0...U..
00e8: 0C 10 73 69 70 2E 69 74 ..sip.my
00f0: 70 72 6F 61 63 74 2E 63 domain.c
00f8: 6F 6D 30 82 01 22 30 0D om0‚."0.

 

Why is this happening?

  • Hi Mark,

    I am looking into the matter with our Dev. Team, allow me sometime to get you an update.

    Thanks

  • In reply to sachingurung:

    Hi Mark,

    Greetings.

    I did some R&D, Event ID 36882: The Certificate Received From the Remote Server Was Issued By an Untrusted Certificate Authority.

    Because authentication relies on digital certificates, certification authorities (CAs) such as Verisign or Active Directory Certificate Services are an important part of TLS/SSL. A CA is a mutually-trusted third party that confirms the identity of a certificate requestor (usually a user or computer), and then issues the requestor a certificate. The certificate binds the requestor’s identity to a public key. CAs also renew and revoke certificates as necessary. For example, if a client is presented with a server’s certificate, the client computer might try to match the server’s CA against the client’s list of trusted CAs. If the issuing CA is trusted, the client will verify that the certificate is authentic and has not been tampered with.

    The Schannel provider creates the list of trusted certification authorities by searching the Trusted Root Certification Authorities store on the local computer. When Schannel detects a certificate that was issued by an untrusted certification authority, this error is logged.

    I think the issue is due to improper import of SSL CA. I suggest you to re-import the certificate and monitor it further.

    Thanks

    Sachin Gurung