Warm tip: This article is reproduced from serverfault.com, please click
ssl tls1.2 windows windows-server-2016 exchange-server-2016

A fatal error occurred while creating a TLS client credential. The internal error state is 10013

发布于 2018-11-02 15:52:10

Recently deployed a Windows 2016 Standard Server, with Active Directory and Exchange 2016.

We have disabled SSL 1.0, 2.0 and 3.0 for both Server and Client, and have disabled TLS 1.0 and TLS 1.1.

We are repeatedly getting the following entry in our system log. What is causing this, and how can I fix it.

enter image description here

Questioner
neildt
Viewed
0
分享
18.9k 2021-02-26 04:45:23

Basically we had to enable TLS 1.2 for .NET 4.x. Making this registry changed worked for me, and stopped the event log filling up with the Schannel error.

More information on the answer can be found here

Linked Info Summary

Enable TLS 1.2 at the system (SCHANNEL) level:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001

(equivalent keys are probably also available for other TLS versions)

Tell .NET Framework to use the system TLS versions:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001

This may not be desirable for edge cases where .NET Framework 4.x applications need to have different protocols enabled and disabled than the OS does.

Paul Suart 2020-02-13 10:53:04

I used IIS Crypto GUI (nartac.com/Products/IISCrypto) to make these registry changes after experiencing the same error. Just click "Best practices" then "Apply". Reboot. Job done 👍🏼

StarNamer 2020-04-02 18:58:30

Neither manually adding to the registry nor using IISCrypto worked for me. Still looking for a solution as having 4 or these errors every 10 seconds means it's almost impossible to check for anything else in the event log.

Alexey 2020-07-29 09:40:58

Set-ItemProperty 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319' -Name SystemDefaultTlsVersions -Value 1 Set-ItemProperty 'HKLM:\SOFTWARE\wow6432node\Microsoft\.NETFramework\v4.0.30319' -Name SystemDefaultTlsVersions -Value 1

bfhd 2021-02-24 02:30:14

I too resolved this issue with IISCrypto, but I suspect making changes with that application also caused the problem in the first place.

热门帖子

1
卷死同行 gpt-4o 模型 1.4 折中转 接近官网 3.5 的价格!
2
各位大佬好,我是一名大学生,想请教一下大家有没有什么适合大学生的赚钱小项目?我深知赚钱不易,所以想在不影响学业的前提下,找一些小项目来赚点零花钱。希望各位大佬能不吝赐教,分享一些你们的经验和建议。谢谢大家啦!
3
虚心求教,数据量上亿的爬虫数据用什么该用什么数据库呢
4
联通推出了更便宜的 eSIM iPad 套餐
5
坐标深圳,收台主机,不急
6
google doc如何快速插入日期时间?
7
最近三年面了三百多人,给程序员和面试官们分享一下我的感受
8
求助-我想低成本批量搭建美国 ip 的 socks5 代理,有什么好的方式吗?
9
7 年 iOS, 2 年 Java
10
该换手机了,消息推送延时短的手机有哪些呢?

热门github

1
A multi-platform library for OpenGL, OpenGL ES, Vulkan, window and input
2
Dev tool that writes scalable apps from scratch while the developer oversees the implementation
3
shadcn/ui, but for Svelte. ✨
4
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
5
Performance-portable, length-agnostic SIMD with runtime dispatch
6
ZK Credo
7
OpenCodeInterpreter: Integrating Code Generation with Execution and Refinement
8
Joplin - the secure note taking and to-do app with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.
9
Mamba is a new state space model architecture showing promising performance on information-dense data such as language modeling, where previous subquadratic models fall short of Transformers. It is based on the line of progress on structured state space models, with an efficient hardware-aware design and implementation in the spirit of FlashAttention.
10
This repository contains System Design resources which are useful while preparing for interviews and learning Distributed Systems
11
Curso para aprender el lenguaje de programación Python desde cero y para principiantes. 75 clases, 37 horas en vídeo, código, proyectos y grupo de chat. Fundamentos, frontend, backend, testing, IA...
12
🎓 Path to a free self-taught education in Computer Science!
13
1️⃣🐝🏎️ The One Billion Row Challenge -- A fun exploration of how quickly 1B rows from a text file can be aggregated with Java
14
A collective list of free APIs
15
📚 Freely available programming books