If you get the alert "ET INFO TLS Handshake Failure"

This signature seems to appear when using a chrome-based browser with some specific (insecure?) TLS 1.2 certificates.

In a Chrome based browser press the F12 key and go to the security tab to see the TLS version.

It also appears in some background services. I used Wireshark, Microsoft Network Monitor 3.4 and Microsoft Message Analyzer to track down a process in my network.


Unfortunately Wireshark does not show you the involved process at all. Microsoft Network Monitor does have a process column but did not show the process.

Luckily the Message Analyzer finally revealed which process was causing the alert in the firewall.

The perpetrator was an old version of “Dell Digital Delivery Service”.

DellDigitalDeliveryService

A newer version (5.0.82.0) did not cause this alert.

Microsoft Message Analyzer is discontinued but you can still get it under below link:

I tested it on Windows 10 and 11 Pro. Make sure to disable any update checks.

2 Likes