The TLS protocol defined fatal alert code is 48.

Hi,

I'm keep getting this error the last couple of days in the event log: "A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 48."

The error means: "Received a valid certificate chain or partial chain, but the certificate was not accepted because the CA certificate could not be located or could not be matched with a known, trusted CA. This message is always fatal."

I know it's not directly related to Telligent (although one of the reports about this error was also from someone running Zimbra/Telligent). So I hoped that someone here maybe knows this error, and more important, how to get rid of it.

The error started after I rebooted the first time after upgrading to 10.1.6.

Parents
  • Do you have any custom code around this?

    Do you have any more details about the exception? (Full error text, error type, stack trace)

    Is it reliably reproducible enough to run a Fiddler trace?

  • No custom code in that direction. Pretty standard implementation with a certificate.

    Log Name:      System
    Source:        Schannel
    Date:          4/17/2018 8:34:31 PM
    Event ID:      36887
    Task Category: None
    Level:         Error
    Keywords:      
    User:          SYSTEM
    Computer:      XXX
    Description:
    A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 48.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
        <EventID>36887</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8000000000000000</Keywords>
        <TimeCreated SystemTime="2018-04-17T18:34:31.713328300Z" />
        <EventRecordID>639552</EventRecordID>
        <Correlation />
        <Execution ProcessID="548" ThreadID="2604" />
        <Channel>System</Channel>
        <Computer>XXX</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data Name="AlertDesc">48</Data>
      </EventData>
    </Event>

    They are also a lot of "A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203."

    Log Name:      System
    Source:        Schannel
    Date:          4/17/2018 8:35:35 PM
    Event ID:      36888
    Task Category: None
    Level:         Error
    Keywords:      
    User:          SYSTEM
    Computer:      XXX
    Description:
    A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
        <EventID>36888</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8000000000000000</Keywords>
        <TimeCreated SystemTime="2018-04-17T18:35:35.106546000Z" />
        <EventRecordID>639556</EventRecordID>
        <Correlation />
        <Execution ProcessID="548" ThreadID="2604" />
        <Channel>System</Channel>
        <Computer>XXX</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data Name="AlertDesc">10</Data>
        <Data Name="ErrorState">1203</Data>
      </EventData>
    </Event>

    As I don't really know which process that fails then its difficult to get much closer, nor say how to reproduce it.

  • I'm not sure if this is related to Telligent - and the other report was from someone running Zimbra, which is a separate product.

    Is it possible there is an issue with your certificate chain? This is at least something to check and confirm: support.dnsimple.com/.../

Reply Children
  • Hi Steven,

    I did check the certificate chain already, CA is there and does not show any errors.

    I'm sure it has nothing to do with Telligent - at least not directly. What makes me think indirectly, is that this problem started after I upgraded to 10.1.6. And after I started using the socketbus.

    Some of the messages also says something about permissions to the certificates. Could there be something here? Permissions from the socketbus? I've also noticed that there are quite a lot of time out exceptions regarding the socketbus.