Wednesday, May 17, 2017

An error occurred while using SSL configuration for endpoint 0.0.0.0:444

The other day, one of my Exchange 2016 lab servers stopped working. Well, I say "stopped working" but most things seemed to be working except for the Exchange Management Shell where I would get the following error when opening it:
 
OWA and ECP were also not working: I would simply get a blank page after signing in...
 
 
In the event log, there were hundreds of 15021 event errors complaining about SSL configuration:
Log Name:      System
Source:        Microsoft-Windows-HttpEvent
Date:          17/05/2017 03:51:17
Event ID:      15021
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EX1.nunomota.pt
Description:   An error occurred while using SSL configuration for endpoint 0.0.0.0:444. The error status code is contained within the returned data.
 
 
As you can imagine, problems with SSL connections can affect multiple Exchange components such as the shell, ECP and OWA in this case (and many others if I had checked I'm sure). These problems can be the result of certificates not installed or incorrectly installed, and should be deleted from the system and reinstalled with the appropriate information.
 
So, I checked the installed certificates on this server by running netsh http show sslcert:
 
Nothing suspicious at first sight, but then again, I can't remember the last time I ran this command so I wasn't exactly sure what to look for. Until I ran the same command on a healthy server and noticed that the certificates used for 443 and 444 were the same:
 
So I went back to the affected server, deleted the certificate assigned to 0.0.0.0:444 by running netsh http delete sslcert ipport=0.0.0.0:444 and assigned the same certificate as the one used on port 443 by running netsh http add sslcert ipport=0.0.0.0:444 certhash="certificate_hash" appid="application id":
 
Restarted the server and everything was back to normal! :)

93 comments:

  1. Thanks for the awesome post! I had this exact issue and you saved me hours of work.

    ReplyDelete
  2. Excellent and simple explanation! Helped me, twice :) Thank you!

    ReplyDelete
  3. Thanks my friend! your post saved me

    ReplyDelete
    Replies
    1. Excellent, really glad to hear that! :) Thank you for letting me know!

      Delete
  4. Me too. Many thanks :-) Steve.

    ReplyDelete
  5. This was exactly what i needed - save a TON of time. Thank you!

    ReplyDelete
  6. Thanks my friend! your post saved me

    ReplyDelete
  7. Superb, solved my issue too! Great documentation.

    ReplyDelete
  8. wow, many many thanks for your article, today our exchange 2016 server suddenly cannot be connected , outlook not work, owa not work ,even exchange power shell not work !!,
    I google the event 15021 for around 2 hours to find a solutions ... lucky finally i find here, Many thank you again to share this helpful article .. have a nice day ! ..XD

    ReplyDelete
  9. I could kiss you ! Cheers Nuno, had to power off my exchange server due to planned power outage and when I powered on I lost access to everything (OWA, ECP, Outlook). After three hours of reading up different possibilities and nothing seeming to match my issue I found this page. All working now !

    ReplyDelete
  10. You sir, are a hero

    ReplyDelete
  11. Thanks very much Nuno! New to Exchange and I just expanded my C drive to make room and after restart ran into this issue! Not related, but I did update my SSL certs a few weeks back so this made sense. Only now seeing this come up because I hadn't restarted my exchange server in 36 days. Very clear steps and sure enough, I had the same issue. It's 12:50AM and servers are back online! If you're ever in Vancouver BC I owe you a beer or two. Thanks again! - Ian

    ReplyDelete
    Replies
    1. Hi Ian,

      Thank you for the feedback and glad to know this helped! I will let you know if I'm ever in the area :)

      Regards,
      Nuno

      Delete
  12. Another chime in from a late night repair. Thanks for sharing! This helped get me back online after a Windows update.

    ReplyDelete
  13. Excellent , sorted in minutes. Does anyone know the causes of this ? We had recently re-certified without issue until the next scheduled server restart.

    ReplyDelete
    Replies
    1. Glad it helped Steve! :) I honestly have no idea why this happens...

      Delete
  14. Thank you this saved the day

    ReplyDelete
  15. Save the day today Thank you

    ReplyDelete
  16. You are my god now. Thanks Bro.

    ReplyDelete
  17. I had this same problem very early this morning after a server reboot and this was the solution. Thanks so much!!! This is what I believe is the root cause or at least this is what happened in my case. I had deleted the five year old expired built-in self-signed certificate called, "Microsoft Exchange" about two weeks ago. When I rebooted the server this morning after doing Windows Updates it came up but I could not log in to OWA, ECP, EAC, and Outlook was showing as disconnected. The error 15021 was filling up the system event log. Upon following the directions here I could see that ipport 444 was holding on to the cert which I deleted. After running the above commands to delete the 444 cert and copy in the 443 cert I was back in business! No reboot needed as OWA and Outlook started to work immediately. However, I did reboot and everything was fine. Thanks again!

    ReplyDelete
    Replies
    1. Glad it helped! :) THank you so much for the description of your issue!

      Delete
  18. Thanks! Was quite the mystery. Happened to 1 of 3 2013 servers so far. Any Idea what causes it?

    ReplyDelete
  19. You need a space between http and add for this command to work.

    ReplyDelete
    Replies
    1. Hi Nathan,
      Where exactly? The screenshots all have a space after "http".

      Delete
  20. Thanks Nuno, Worked for me, netsh http add sslcert ipport=0.0.0.0:444 certhash="73ca358ae48af372ef8d01f6974e818b8296462c" appid="{4dc3e181-e14b-4a21-b022-59fc669b0914}":


    C:\Windows\system32>netsh http delete sslcert ipport=0.0.0.0:444

    SSL Certificate successfully deleted

    netsh http add sslcert ipport=0.0.0.0:444 certhash="h5435k4545kr4548d01f6974e818b8ere54y45" appid="{t48f8481-3du5b-34r21-c011-4j345j3434j}":

    ReplyDelete
  21. Nothing like finding the perfect answer after getting the flood of Friday morning calls. Thanks so much!

    ReplyDelete
  22. Buenas noches.
    Excelente aporte, me ayudaste a resolver un tremendo enredo.
    Muchas gracias, mas aun por compartir.

    ReplyDelete
  23. Excellent. You saved my hours....Thank you

    ReplyDelete
  24. This saved me a ton of time thank you.

    ReplyDelete
  25. I know this is an old article now. But I wanted to add my thanks, you really saved my bacon. Really good work!

    I had exactly the same issue after a scheduled re-boot. Literally hundreds of the 15021 events. I had renewed the self signed certificate in the Exchange ECP earlier in the week apparently without issue. But after the first re-boot this happened.

    ReplyDelete
    Replies
    1. Glad to hear this helped Andy! :) Thank you for taking the time to comment as well!

      Delete
  26. Amazing, stumbled upon this and had no idea what was causing it other than SSL (Event Viewer). Your post saved the day - only issue was I was getting unknown command and see the command should be 'netsh http add .... not netsh httpadd (as above)

    Many thanks for your post. Happy New Year!

    ReplyDelete
    Replies
    1. Happy New Year and glad it helped! :)
      Thank you so much for pointing out the typo! I have now corrected it.

      Delete
  27. This fixed me! BUT....do you know WHY this behavior occurs? My exchange went down randomly, and this event was in the log a million times.

    ReplyDelete
    Replies
    1. Glad to hear! :) I'm afraid I never got to the bottom of it... In so many years, this has only happened once to me.

      Delete
  28. Sweet - Freakin Microsoft - why can't they figure this out?

    ReplyDelete
  29. Replies
    1. Glad to hear! Thank you for the feedback! :)

      Delete
  30. I have a very similar issue however the port is 0.0.0.0:443 and the other is 127.0.0.1:443. I believe these are from Network monitoring tool we just installed. I do not know which one to delete though??

    ReplyDelete
  31. I will add to the chorus of 'thank you's and 'you're a hero's in this thread...

    THANK YOU! YOU ARE MY HERO TODAY!

    In our case it appears to be a security update that caused the problem somehow.

    ReplyDelete
    Replies
    1. :-D You are most welcome! Glad it helped and thank you so much for the feedback! :)

      Delete
  32. Yes, this article got us back online today with minimal fuss.

    Many thanks.

    TW

    ReplyDelete
  33. Still relevant today. Recent CU broke my Exchange Servers and this post saved the day.

    ReplyDelete
    Replies
    1. That's crazy... I thought this wouldn't be an issue by now!...

      Delete
  34. Nuno 4 president ! You helped me out too, many thanks.

    ReplyDelete
  35. Impec, ca fonctionne encore !! Merci bcp

    ReplyDelete
  36. ty, gets me every year, this is much easier than muddling through gui.

    ReplyDelete
  37. Thank you so much, you just saved me hours of work.

    ReplyDelete
    Replies
    1. Thanks for letting me know. Glad it helped! :)

      Delete
  38. Thank you. I kept getting "Parameter incorrect" and I searched online for that error. I had to append certstorename=MY

    C:\Windows\system32>netsh http add sslcert ipport=0.0.0.0:8192 certhash="xyz" appid="{abc}" certstorename=MY

    ReplyDelete
  39. Saved my bacon! Thank you very much for sharing this solution : )

    ReplyDelete
  40. You are my hero sir, after hours of updating I did a restart on a exchange server and had the same problem, found out another guy changed the certificate a few weeks ago, everything worked until the restart, so thank you very much. Now 2am and you saved me a few hours of work

    ReplyDelete
    Replies
    1. Thank you for the feedback! Glad it helped! :)

      Delete