New article
Recently updated
Error messages caused by incorrect PC clock (Clock Stew)
Who is this article for?Signed-in Users experiencing error messages caused by incorrect PC clock.
No elevated permissions are required.
This article delves into the challenges posed by error messages arising from incorrect PC clock settings, unraveling the potential disruptions caused by time discrepancies. Explore effective solutions to rectify these issues and restore synchronisation for a seamless computing experience.
1. Issue
The communications framework that we use (Microsoft’s WCF) adds a timestamp to each message that is sent between the desktop application and the server. The service compares the timestamps with the current time and, for security reasons, if the message is more than five minutes old then it refuses to handle it.
This causes a problem if the clock in the user’s PC drifts away from true time, because it can appear that a message is old whereas it is simply that the user’s PC has a clock that is set with the wrong time. If the clock is ahead of true time, then the timestamp will be invalid.
If this happens, then the user will see an error like:
Error: The security timestamp is invalid because its creation time ('18/09/2024 10:37:07 PM') is in the future. Current time is '18/09/2021 10:28:52 PM' and allowed clock skew is '00:05:00'.
OR
Error: The security timestamp is stale because its expiration time ('2024-09-18T03:28:07.746Z') is in the past. Current time is '2024-09-18T03:37:29.268Z' and allowed clock skew is '00:05:00'.
OR
Error: An error occurred when verifying security for the message.
The mechanism allows for time zones, for example it understands that 9 AM in New York is 2 PM in London. Below is an example of time formatting and it's results:
| PC Clock in New York | Server Clock in London | Result |
|---|---|---|
| 9 AM | 14:00 | |
| 9:06 AM | 14:00 |
2. Solution
The correct solution to this problem is to ensure that the server and client PC's are all synchronising their internal clocks with an authoritative source. If the PC is a member of a Windows domain then normally the time will regularly sync to a time server specified by the domain, and if that is not working then this is something that should be discussed with your IT team.
Standalone Windows 10 PC's can be configured to sync with a server on the Internet (e.g. time.windows.com or time.nist.gov). There are numerous guides on how to do this on the Web, and one such is at https://www.windowscentral.com/how-manage-time-servers-windows-10.
3. References
- Time sync in Windows AD: https://docs.microsoft.com/en-us/windows-server/networking/windows-time-service/windows-time-service-tools-and-settings.
- Setting a time server for Windows 10: https://www.windowscentral.com/how-manage-time-servers-windows-10.
- Managing time settings in Windows 11: How to manage date and time settings on Windows 11 | Windows Central.