b

Post Disabling TLS 1.0 & 1.1 Getting 36871 Event ID For Schannel

Sitender Kumar | Wed, 13 Apr 2022 at 07:55 hours | Replies : 2 | Points : 100

Category : Windows Server 2016


After disabling TLS 1.0 & 1.1 Windows 2016 server start responding extremely slow, receiving Event ID 36871 Schannel. Please help.


This Question is already solved Click To See The Answer


A. You can do the registry modifications as mentioned below: *make sure before editing registry take a backup first*

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
Note: please do a backup before we change any registry key.

B. Take a reboot of server to apply the registry changes by .Net
C. There shouldn't be SCHANNEL events anymore

Thanks

Thanks a lot, it worked. Server response is usual now.