Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 36884 Source: Schannel

Source
Level
Description
The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is <server name>. The SSL connection request has failed. The attached data contains the server certificate.
Comments
 
As per ME2275950, this may be recorded in certain conditions if the LDAP directory service is hosted on many nodes that are put behind a Network Load Balancing (NLB) server. The article provides details for a hotfix available.

EV100638 (MSTurnPing Bug) describes a similar scenario, with this event being generated by nodes in a NLB cluster when the MSTurnPing tool is used.
ME2282241 indicates that this problem occurs because of an error in Windows Vista and in Windows Server 2008. The LDAP client stores the node's canonical name into the alias field. This problem occurs if the node alias and the node name are different. See the article for information about a hotfix available.
When we set up our Outlook Web Access and tried to go into public folders on the Exchange system manager, we received an error about SSL certificate being invalid. The Certificate published to the public was for the server's public FQDN (different to the "real" name). When the SSL IIS was set up, the required secure channel tick box was ticked and applied to all child nodes. Unticking this box and letting this new setting filter down solved both problems.
ME324345 only applies to Windows 2000. After following the instructions in ME324345 without success on a Windows 2003 box, I found that to get rid of the error I had to first remove the certificate from the default website completely and then add it again. This cured the problem.
ME814662 provides information on this event.


Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...