What are the Schannel TLS fatal alert codes?

Question

Where can I find a definition of the Windows Schannel fatal alerts codes that show up in Event Viewer? For instance:

A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

score 9 · Accepted Answer · answered Jun 26 '20 at 02:14

9

The alert codes are defined at:

https://learn.microsoft.com/en-us/windows/win32/secauthn/schannel-error-codes-for-tls-and-ssl-alerts

    40 = SSL3_ALERT_HANDSHAKE_FAILURE
    42 = TLS1_ALERT_BAD_CERTIFICATE
    43 = TLS1_ALERT_UNSUPPORTED_CERT
    44 = TLS1_ALERT_CERTIFICATE_REVOKED
    45 = TLS1_ALERT_CERTIFICATE_EXPIRED
    46 = TLS1_ALERT_CERTIFICATE_UNKNOWN
    48 = TLS1_ALERT_UNKNOWN_CA
    70 = TLS1_ALERT_PROTOCOL_VERSION

answered Jun 26 '20 at 02:14

JD Brennan

992
1
10
20

This is mildly useful in terms of putting words to the numbers, but could be improved by including information in terms of what to do with this information once known (e.g. what is the _cause_ of each alert?). – TylerH Feb 21 '22 at 19:42

What are the Schannel TLS fatal alert codes?

1 Answers1