On a Windows 2008 R2 SP1 server with current updates applied I am receiving an error from Schannel, 36885 indicating this server trusts so many certificate authorities that the list has grown too long... In the Trusted Root Certificatation Authorities list there are 317 certificates. This warning appears on mulitple servers a few times a month. How can I get rid of this warning.

Kevin, thank you for you reply. I have seen the article. Workaround 1, to delete the certificates on each server is not practical as I have many servers and the issue may occur again with the next certificate update. Workaround 2, to use AD and import trusted certificates is a very time consuming process to figure out which ones are necessary for the correct funtioning of windows. Workaround 3, I am not sure of the security implications of Internet Explorer displaying all the client certificates that are installed on the client computer. Are you aware of a hotfix for Server 2008 R2?

I will try to use method # 1 on a single server. I am using the following article as a guide on which certificates to keep: http://support.microsoft.com/kb/293781 I will know that the problem is resolved in 1 month as the certificate store is updated on a monthly basis and then generates a warning in the log. If the problem re-occurs, I will post to this thread. Thank you

Hi, Thanks for your feedback. Please feel free to let us know if you need further help during the troubleshooting. Regards Kevin TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.TechNet Community Support