Reputation: 966
I'm seeing the following pair of errors in eventvwr on Windows Server 2008 R2:
An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Source is Schannel, Event ID is 36874.
The following fatal alert was generated: 40. The internal error state is 1205.
Source is Schannel, Event ID is 36888. I know this second error is basically just saying the TLS handshake failed, which is what the previous error is saying too.
I can make these errors occur intentionally by using sslscan. For example, if I run sslscan.exe --tls12 --verbose [myserver].com:443, I see a list of accepted ciphers followed by this error: SSL_get_error(ssl, cipherStatus) said: 5
Each time I run this I get two pairs of errors in the eventvwr, but I don't know why or which ciphers are at issue. It says the SSL certificate is weakly encrypted (it's using sha1RSA), which I can fix, although I don't know if that's related to the TLS errors or not.
I've seen other similar questions whose response is usually "disable schannel logging in the registry to hide the error", but that's not a fix, so I'm reluctant to do that.
EDIT: I also asked this question here: https://learn.microsoft.com/en-us/answers/questions/275585/tls-12-error-schannel-event-id-36874-and-36888.html
There is a blog post which I believe may hold the answer, here: https://blog.ittoby.com/2014/07/why-schannel-eventid-36888-36874-occurs.html
If I'm able to resolve the issue based on this, I'll add an answer to this question with what worked for me.
Upvotes: 5
Views: 25288