Elastic Windows Event Explorer


Publisher - Schannel

Event ID 36872

Message:

The TLS %{Type} specified certificate's chain could not be retrieved:

   Failure Status: %{ErrorCode}
   Flags: %{CertFlags}

 The attached data contains the certificate.

Event Data:

# Name In Type
Out Type
1 Type win:UnicodeString xs:string
2 ErrorCode win:HexInt32 win:HexInt32
3 CertFlags win:HexInt32 win:HexInt32
4 __binLength win:UInt32 xs:unsignedInt
5 CredContext win:Binary xs:hexBinary

Observed Windows Versions:

Version: 0

Fingerprint: G7DUCHPQUJMTY