IIS7 SSL works once but then stops.

September 3, 2010

Problem:

You installed an SSL certificate and browsed to HTTPS://www.domain.com. It works the first time, but if you close your browser and go back to HTTPS://www.domain.com, it stops working.

If you have already done some research on the issue, or if you notice event ID 15300 or 15301 in your Event Viewer logs like the one below, then you can fix this error by using the resolution I used:

The description for Event ID ( 15301 ) in Source ( HTTP ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: \Device\Http\ReqQueue, 0.0.0.0:443.

Resolution:

Open an administrative command prompt.

Open inetmgr (IIS Manager) for IIS7 and go to the site you want to add the SSL certificate to, then add the SSL certificate. If it says you will be taking the SSL certificate from another site, just say Yes.

In your command prompt window, type netsh http show ssl and press Enter. You should see something like this:

IP:port : 0.0.0.0:443
Certificate Hash : bes5c641aa89f1fed87a11e13404204e1212696a
Application ID : {2da4a181-f14b-4a21-b022-59fa689b0915}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled

Type the following, making sure you change the certhash and appid values to what you see in your window:

netsh http add sslcert ipport=[::]:443 certhash=bes5c641aa89f1fed87a11e13404204e1212696a appid={2da4a181-f14b-4a21-b022-59fa689b0915}

Do another netsh http show ssl, and if the 0.0.0.0:443 entry is missing, run this to add it back:

netsh http add sslcert ipport=0.0.0.0:443 certhash=bes5c641aa89f1fed87a11e13404204e1212696a appid={2da4a181-f14b-4a21-b022-59fa689b0915}

Run an iisreset to restart IIS, and then test it out a few times and make sure that this fixed the issue. In my case I had to test a site, then close the browser to clear the session state, and try again.
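
To confirm the end state of the steps above without reading the listing by eye, the following PowerShell sketch parses the netsh http show sslcert output and reports whether the 0.0.0.0:443 and [::]:443 bindings both exist and carry the same certificate hash. It is an added example, not code from the original post; the function names Get-SslBinding and Test-WildcardSslBinding are hypothetical, the sample input is constructed, and it assumes the English field names shown in the listing above.

```powershell
# Added example, not from the original post. Written for PowerShell 2.0 or later.
# Parse "netsh http show sslcert" text into one object per IP:port binding.
function Get-SslBinding {
    param([string[]]$NetshOutput)
    $current = $null
    foreach ($line in $NetshOutput) {
        # Split at the first " : " only: the key "IP:port" and the value
        # "[::]:443" contain colons of their own.
        if ($line -match '^\s*(?<key>.+?)\s+:\s+(?<value>.*?)\s*$') {
            $key = $Matches['key']; $value = $Matches['value']
            if ($key -eq 'IP:port') {
                if ($null -ne $current) { New-Object PSObject -Property $current }
                $current = @{ IpPort = $value; CertHash = ''; AppId = '' }
            } elseif ($null -ne $current) {
                if ($key -eq 'Certificate Hash') { $current.CertHash = $value.ToLower() }
                if ($key -eq 'Application ID') { $current.AppId = $value }
            }
        }
    }
    if ($null -ne $current) { New-Object PSObject -Property $current }
}

# Return a list of problems with the 0.0.0.0 and [::] bindings for one port.
function Test-WildcardSslBinding {
    param([object[]]$Binding, [int]$Port = 443)
    $problems = @()
    $hashes = @{}
    foreach ($endpoint in "0.0.0.0:$Port", "[::]:$Port") {
        $b = $Binding | Where-Object { $_.IpPort -eq $endpoint } | Select-Object -First 1
        if ($null -eq $b) { $problems += "missing binding for $endpoint"; continue }
        if ($b.CertHash -notmatch '^[0-9a-f]{40}$') {
            $problems += "$endpoint certificate hash is not 40 hex digits"
        }
        $hashes[$b.CertHash] = $true
    }
    if ($hashes.Count -gt 1) { $problems += 'IPv4 and IPv6 bindings use different certificates' }
    $problems
}

# Constructed sample (placeholder hash and GUID) with no [::]:443 entry.
# On a real server use: $lines = netsh http show sslcert
$lines = @'
    IP:port                 : 0.0.0.0:443
    Certificate Hash        : 0123456789abcdef0123456789abcdef01234567
    Application ID          : {00000000-0000-0000-0000-000000000000}
'@ -split "`r?`n"

$found = @(Test-WildcardSslBinding -Binding (Get-SslBinding $lines))
if ($found.Count -eq 0) { 'OK: both bindings present, same certificate' } else { $found }
```

With the constructed sample it reports the missing [::]:443 binding, which is the state the first netsh http add sslcert command above corrects.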
