Event ID - 36876

Event Id36876
SourceSchannel
DescriptionThe certificate received from the remote server has not validated correctly. The error code is %1
Event InformationAccording to Microsoft:
CAUSE:
This issue may occur if all the following conditions are true:
• The IAS or Routing and Remote Access server is a domain member, but automatic certificate requests functionality (autoenrollment) is not configured in the domain. Or, the IAS or Routing and Remote Access server is not a domain member.
• You manually request and receive a new certificate for the IAS or Routing and Remote Access server.
• You do not remove the expired certificate from the IAS or Routing and Remote Access server. If an expired certificate is present on the IAS or Routing and Remote Access server together with a new valid certificate, client authentication does not succeed. The ""Error 0x80090328"" result that is displayed in the Event Log on the client computer corresponds to ""Expired Certificate.""
WORKAROUND :
To work around this issue, remove the expired (archived) certificate. To do this, follow these steps:
1. Open the Microsoft Management Console (MMC) snap-in where you manage the certificate store on the IAS server. If you do not already have an MMC snap-in to view the certificate store from, create one. To do so:
a. Click Start, click Run, type mmc in the Open box, and then click OK.
b. On the Console menu (the File menu in Windows Server 2003), click Add/Remove Snap-in, and then click Add.
c. In the Available Standalone Snap-ins list, click Certificates, click Add, click Computer account, click Next, and then click Finish.
Note You can also add the Certificates snap-in for the user account and for the service account to this MMC snap-in.
d. Click Close, and then click OK.
2. Under Console Root, click Certificates (Local Computer).
3. On the View menu, click Options.
4. Click to select the Archived certificates check box, and then click OK.
5. Expand Personal, and then click Certificates.
6. Right-click the expired (archived) digital certificate, click Delete, and
Reference LinksClients Cannot Authenticate with a Server After You Obtain a New Certificate to Replace an Expired Certificate on the Server

Schannel Returns "SEC_E_CERT_UNKNOWN" for Valid Server Certificate

You receive an SSL Certificate error message when you view public folders in Exchange System Manager

A client computer cannot authenticate to a domain controller that is running Windows 2000 or Windows Server 2003 by using LDAP over SSL

You may not be able to connect to a domain controller by using LDAP over an SSL connection when the domain controller is running Windows 2000 Server with SP4

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.