Troubleshooting Event 36876 Source Schannel


Problem:

Users could not change theirs password and this event was logged on system. The form to change was developed by another team and runs over Apache.

Source: Schannel

Category: None
Event ID: 36876
Date: Date
Time: Time
User: N/A
Computer: YourComputerName
Description:
The certificate received from the remote server has not validated correctly. The error code is 0x80090328. The SSL connection request has failed. The attached data contains the server certificate.

Error Code 0x80090328 = SEC_E_CERT_EXPIRED (Certificate is expired).

After check in theĀ  Root Authority Certificate I’ve notice that the Domain server certificate, had been renewed, and found this KB http://support.microsoft.com/default.aspx?scid=kb;en-us;839514, that has all information to solve the “change password issue”

To resume:

This issue occurs because LDAP caches the certificate on the server. Although the certificate has expired and the server receives a new certificate from a CA, the server uses the cached certificate. You must restart the server before the server uses the new certificate.

Plan a reboot to the date of certification renew, in my case every year.

Hope that this information can help you.

Advertisements

About rodvars
Been working in IT Services/Consulting for the past 15 years. My main areas of work are planning, development, managing and administration System infrastructures focusing on optimizing user processes, enforcing business security, performance enhancements, high availabilty and infrastucture scalability.

One Response to Troubleshooting Event 36876 Source Schannel

  1. If you are going for most excellent contents like myself,
    simply visit this website all the time since it gives feature contents, thanks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: