M
mancio
Hello,
on a Windows Server 2016 domain server, for security reasons the SSL 3.0 protocol on both the server and client side has been disabled.
Once this was done, error events with ID 36874 started to appear:
"An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed."
These events disappear if the client-side SSL 3.0 and the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA are re-enabled.
From the details of the event I see that the lsass.exe process is involved, but I think that this is not the cause but that it is involved by another process.
The question is: how do I figure out who is trying to use SSL 3.0?
Thanks
Andrea
Continue reading...
on a Windows Server 2016 domain server, for security reasons the SSL 3.0 protocol on both the server and client side has been disabled.
Once this was done, error events with ID 36874 started to appear:
"An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed."
These events disappear if the client-side SSL 3.0 and the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA are re-enabled.
From the details of the event I see that the lsass.exe process is involved, but I think that this is not the cause but that it is involved by another process.
The question is: how do I figure out who is trying to use SSL 3.0?
Thanks
Andrea
Continue reading...