We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
We're aware that dates on the Forum are not currently showing correctly. Please bear with us while we get this fixed, and see Site feedback for updates.
Error events when logging on to Nationwide Internet Banking

Idomeneus
Posts: 73 Forumite

in Techie Stuff
I’m using IE11 on 64-bit Windows 7 SP1. Every time I logon to Nationwide Building Society Internet Banking, a number of Schannel 36888 error events appear in my Windows System error log. The description of each event is “The following fatal alert was generated: 43. The internal error state is 252.”. At the same time, I’m also getting a few Schannel 36887 error events with the description “The following fatal alert was received: 20.” (The TLS/SSL alert code 20 is for a bad record MAC (message authentication code) and 43 is for an unsupported digital certificate.)
I have tried logging on to a number of other Web sites, including banking Web sites, utility Web sites, online shopping Web sites, forum Web sites, etc., but none of the ones I have tried so far cause these error events to occur. They occur only when I logon to Nationwide Internet Banking. So I feel fairly confident that it is not my Windows system configuration that is causing the problem.
I have written to Nationwide about the problem but, in case I need more evidence that the problem lies with Nationwide’s systems, it would be good to know whether anyone else is experiencing the same error events.
I have tried logging on to a number of other Web sites, including banking Web sites, utility Web sites, online shopping Web sites, forum Web sites, etc., but none of the ones I have tried so far cause these error events to occur. They occur only when I logon to Nationwide Internet Banking. So I feel fairly confident that it is not my Windows system configuration that is causing the problem.
I have written to Nationwide about the problem but, in case I need more evidence that the problem lies with Nationwide’s systems, it would be good to know whether anyone else is experiencing the same error events.
0
Comments
-
May be this
IE/tools/Internet options/Advanced, uncheck TLS 1.2
https://social.technet.microsoft.com/Forums/en-US/51d81f3a-84c1-4343-a7a5-7625aeeb665d/schannel-event-id-36888-alert-43-internal-error-state-252?forum=w7itprosecurity0 -
Thank you for the reply. I have the following comments.
I had already found the thread whose link you mention in your reply, along with other threads on the same theme. By posting on this forum, I wasn’t really asking for help in solving the problem. Unless I find evidence to the contrary, I think it is Nationwide’s problem to solve.
My primary objective was to ask whether anyone else is experiencing the same error events when logging in to Nationwide Internet Banking. In case anyone is interested in helping in this respect, you don’t actually need to be a Nationwide Internet Banking customer to find out whether your system generates these error events. You don’t actually need to be able to log in. All you need to do is go to the Nationwide Internet Banking login page:
https://onlinebanking.nationwide.co.uk/AccessManagement/Login
and then look in your event viewer to see whether any Schannel 36888 events have been generated. Remember, your system will obtain a secure connection to Nationwide’s server using TLS/SSL before any security information (password, etc.) is sent to Nationwide. I am guessing that these error events are being generated during the TLS/SSL handshake.
Disabling TLS is NOT the answer. SSL has known vulnerabilities, so I believe it is unacceptable to suppress the use of TLS in Internet Options.0 -
In case anyone is interested in helping in this respect, you don’t actually need to be a Nationwide Internet Banking customer to find out whether your system generates these error events. You don’t actually need to be able to log in. All you need to do is go to the Nationwide Internet Banking login page........
and then look in your event viewer to see whether any Schannel 36888 events have been generated.
No problem accessing the site using either Firefox or Chrome and no errors generated.0 -
No problems for me with NationwideNO to pasty tax We won!!!! Just shows that people power works! Don't be apathetic to your cause!0
-
64 bit version of Windows 8.1 and IE 11 here.
The following error appears several times in my Windows System Log (Event ID: 36888) when I visit Nationwide's Internet banking page:A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
No 36887 Event IDs.
And I can log in a browse okay.0 -
My thanks to all who have replied. It was gratifying to read SnowTiger’s post to find out that someone else, with a similar system configuration to mine, is getting exactly the same error events.
I think the key to understanding what is going on is the browser options. I don’t know anything about the options for Firefox and Chrome and what their default settings are. On IE11, in Internet Options/Advanced, the options “Use SSL 3.0”, “Use TLS 1.0”, “Use TLS 1.1” and “Use TLS 1.2” are all selected by default on Windows 7 SP1. Only “Use SSL 2.0” is deselected by default. I know by experiment that, if I deselect “Use TLS 1.2”, the error events don’t occur. But, as I stated previously, I don’t believe it is acceptable to deselect any of the TLS options.
I have received my first reply from Nationwide on the issue. They asked me to deselect all the SSL and TLS options except “Use SSL 3.0” and “Use TLS 1.0”. This is a little worrying.
Because of the known vulnerability in SSL 3.0, the industry is now going through a process of removing dependence on it. See the following Microsoft security advisory, for example:
https://technet.microsoft.com/en-us/library/security/3009008.aspx
In this document, Microsoft suggests that all customers should deselect “Use SSL 3.0” in Internet Options/Advanced. Moreover, in the 14 April 2015 update to IE11, Microsoft plan to deselect “Use SSL 3.0” by default - see the following:
http://blogs.msdn.com/b/ie/archive/2015/02/10/february-2015-security-updates-for-internet-explorer.aspx
I tried deselecting “Use SSL 3.0” on my system and found that it did not prevent me from logging in to Nationwide Internet Banking. So everything appears to be OK, and I have now followed Microsoft’s suggestion and deselected “Use SSL 3.0” on a permanent basis.
However, from Nationwide’s reply, I am left wondering whether there are situations when Nationwide still needs to fall back to SSL 3.0. If there are such situations, I hope Nationwide is aware of what is happening and is taking steps to remove its dependence on SSL 3.0. Otherwise, Nationwide might have a number of irate customers who find they cannot log in to Nationwide Internet Banking after the 14 April 2015!0 -
This discussion has been closed.
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 348.4K Banking & Borrowing
- 252.1K Reduce Debt & Boost Income
- 452.4K Spending & Discounts
- 241K Work, Benefits & Business
- 617.3K Mortgages, Homes & Bills
- 175.7K Life & Family
- 254.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards