Tripredacus Posted June 8, 2021 Share Posted June 8, 2021 On various computers I will see the occasional Schannel error in Event Viewer. Such as: The following fatal alert was received: 40. The following fatal alert was received: 70. Here is the key to those errors: https://docs.microsoft.com/en-us/windows/win32/secauthn/schannel-error-codes-for-tls-and-ssl-alerts So I know what the error means, but there is no indication what program or service attempted the connection or what the destination is. The setting relating to these events is default to 0x1 but there is no "verbose" setting, only to choose what types of events to log. https://docs.microsoft.com/en-us/troubleshoot/iis/enable-schannel-event-logging The issue I have is not that I do not know how to troubleshoot an SSL issue, rather that I have no idea where to start. Windows just logs that an SSL error occurred but doesn't say anything more than that. Whatever is making this error, it is not something that I am actively using and/or seeing a failure in a program I am using. Other than running a packet capture on my LAN card constantly hoping to catch something through the day, is there some other way I can figure out what is generating the errors? The timeframes of the events do not present a recognisable pattern. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now