event 36887 schannel The following fatal alert was received: 10

Solution 1:

Do you receive these errors often (on a schedule?) and are you aware of any actual problems that coincide with their appearance? I ask because it's likely that you can safely ignore them or suppress them.

The error itself is quite vague. According to the TLS Protocol RFC, this indicates an unexpected message. Alert messages with a level of fatal result in the immediate termination of the connection. In this case, other connections corresponding to the session may continue, but the session identifier MUST be invalidated, preventing the failed session from being used to establish new connections.

This sounds truly problematic until you realize that it's likely that the machine attempting to establish the TLS connection likely tries again in a more agreeable fashion.

If you'd like to suppress the SChannel alerts, you can tweak the registry setting detailed in KB260729.

Update: Many times these are externally caused. You can generate a similar error by attempting to access your Outlook Web Access site in the following (invalid) manner --

http://mail.example.com:443/owa (note the use of http on port 443, NOT https)

If you check your event logs following this, you'll see a fatal alert 10 with internal error state of 1203. This is obviously nothing to be concerned about; it has everything to do with someone trying to access OWA incorrectly and nothing to do with a server misconfiguration.

Solution 2:

how often do you have these errors? I have them sometimes, it jsut mean taht a ssl connection failed for whatever reason. Could be a client sending bad request or something else. I had the issue when a malformed imap connection was happening every 2 minutes.

If it doesnt happen very often i think you can just ignored them.