Schannel Certification errors in Windows System Event logs for ITMS

Article ID: 159303

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

Schannel Communication errors appear in the Windows System Event Logs indicating that there's a communication failure between the Symantec Management Platform (SMP) and the Agent.

Source: Schannel
EventID: 36884
User: SYSTEM

The certificate received from the remote servers does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is FQDN. The SSL connection request has failed. The attached data contains the server certificate.

The Attached Cert has no data.

Cause

The SChannel errors originate in the SChannel module. The agent's HTTPS transport uses this system module to perform the SSL handshake. The agent itself has no control over certificates: SChannel fully controls which certificate to use, and it logs the error when it cannot find the proper certificate.

The certificate has to be registered with the agent, which currently isn't possible. The agent has no idea whether or not it has a certificate, because the certificate isn't installed on the agent but on the target computer. As a result, the agent returns no data, creating the SChannel error.

Resolution


The error message can be safely ignored. This is a known issue to be fixed in a future release.

Microsoft provides a workaround that stops the Schannel messages from appearing in the Event log:

http://support.microsoft.com/kb/260729

Another workaround is to install the root certificate from the SMP on the agent. This will stop the Schannel errors in the Windows logs.

The certificate can be exported from IIS on the SMP as a .pfx, then uploaded on the Advanced tab of the target agent settings.
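
A check to run before ignoring or suppressing these events, added here as an example and not taken from the Symantec or Microsoft articles: it groups recent 36884 events by the server name Schannel expected, so that names other than the SMP stand out, and reads the Schannel EventLogging registry value that controls this logging. `$SmpFqdn`, `$Days` and the name `smp.example.local` are placeholders, and the message pattern assumes the event text quoted above.

```powershell
# Added example: triage Schannel event 36884 before ignoring or suppressing it.
# $SmpFqdn and $Days are hypothetical parameters; set them for your environment.
param(
    [string]$SmpFqdn = 'smp.example.local',   # placeholder SMP name
    [int]$Days = 7
)

# Same source and event ID as listed in this article.
$filter = @{
    LogName      = 'System'
    ProviderName = 'Schannel'
    Id           = 36884
    StartTime    = (Get-Date).AddDays(-$Days)
}
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

# Extract the expected server name from the message text quoted in this article.
$rows = foreach ($e in $events) {
    $name = if ($e.Message -match 'expecting is (.+?)\.\s+The SSL') {
        $Matches[1]
    } else {
        '<unparsed>'
    }
    [pscustomobject]@{ TimeCreated = $e.TimeCreated; ExpectedName = $name }
}

# One row per expected name; IsSmp is False for any name that is not the SMP.
$rows | Group-Object ExpectedName | Sort-Object Count -Descending |
    Select-Object Count, Name,
        @{ n = 'IsSmp'; e = { $_.Name -ieq $SmpFqdn } } |
    Format-Table -AutoSize

# Current Schannel logging level: 0 disables Schannel logging, 1 logs errors.
$key   = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'
$level = (Get-ItemProperty -Path $key -Name EventLogging -ErrorAction SilentlyContinue).EventLogging
if ($null -eq $level) {
    'EventLogging is not set (system default applies)'
} else {
    "EventLogging = $level"
}
```

Setting the logging level to 0 suppresses every Schannel event on the machine, not only those caused by the agent, so rows where IsSmp is False are worth reviewing first.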