Microsoft-Windows-HttpEvent – Event ID: 15021
An error occurred while using SSL configuration for endpoint 0.0.0.0:443. The error status code is contained within the returned data.
This error is because the SSL certificate is not binded to the Exchange site properly. This will stop outlook being able to connect to exchange and also if you browse to OWA or ECP you will just get a 404 error.
To fix this:
- Open IIS Manager
- Expand your <server name>
- Expand Sites
- Select “Default Web Site“
- On the Actions Pane select Bindings
- Under the Site Bindings open both https entries and add the certificate to the site
Now go to your desktop and open outlook. Now you will be connected to your exchange server and be able to send and receive emails.
Hi Everyone, I’m Jake. I have created this site basically as my own knowledge base, hopefully you find some of the information on here useful.
I work with businesses across South West Victoria to leverage technology to improve the way they work & keep their data safe.
If you want to connect with me look me up on LinkedIn.
Hello
My event logs on my exchange server are constantly getting hit with:
Event 15021 HttpEvent
An error occurred while using SSL configuration for endpoint [::]:443. The error status code is contained within the returned data.
I have checked around on this issue and some of the other results or fixes of this issue don’t seem to work with mine. My users are able to access OWA and ECP and I don’t really notice any issues with the system. Other reports have have these troubleshooting steps:
netsh http show sslcert
this returns:
SSL Certificate bindings:
-------------------------
IP:port : 0.0.0.0:443
Certificate Hash : 0c9d535326----------------------------
Application ID : {4dc3e181-e14b------------------------}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
IP:port : 0.0.0.0:444
Certificate Hash : 760aa39d552--------------------------
Application ID : {4dc3e181-e14b-----------------------}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
IP:port : 0.0.0.0:8172
Certificate Hash : 23f927ab6ccfb----------------------------
Application ID : {00000000-0000-0000-0000-000000000000}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
IP:port : 127.0.0.1:443
Certificate Hash : 0c9d5353261e510-------------------------
Application ID : {4dc3e181-e14b----------------------}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
IP:port : [::]:443
Certificate Hash : 7d8923810fce72--------------------------
Application ID : {ba195980-cd49---------------------}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : DisabledI am assuming the last binding is the issue but when I go to IIS and check that binding for 443 * it shows my correct wildcard certificate.
But this netsh command does show a different Certificate Hash from the 443 certs and they really should be the same so I am not sure why IIS is showing it that way. Should I run the netsh command and replace the certificate for the this binding to match the one that is in the other bindings?
If you get “Connection to remote server” / “ClientAccessServer = EXCHANGE, BackEndServer = EXCHANGE” error while opening Exchange Management Shell on your Exchange Servers and the Management Shell connects to another server that is a member of Exchange DAG.
If you get Event: 15021, HttpEvent error in the event logs like the following;
Open IIS Manager –> Sites –> Exchange Back End Sites
Check you https protocol “Exchange Back End” Binding
There is a must be self-signed “Microsoft Exchange” certificate here, if not here , it may have expired and you need to renew it on the Exchange ECP console or MMC console.
Have a nice day!
При открытии Exchange Managment Shell (EMS) или Центра администрирования (ECP) появляется следующая ошибка:
ОДРОБНО: Подключение к SREX01.
New-PSSession : [srex01] Сбой подключения к удаленному серверу srex01. Сообщение об оши
бке: Подробности см. в разделе справки "about_Remote_Troubleshooting".
строка:1 знак:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
ПОДРОБНО: Подключение к SREX01.
New-PSSession : [srex01] Сбой подключения к удаленному серверу srex01.sibpromstroy.ru. Сообщение об ошибке: Подробности см. в разделе справки "about_Remot
e_Troubleshooting".
строка:1 знак:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed![New-PSSession: server: Не удалось подключиться к удаленному серверу «сервер» со следующим сообщением об ошибке: ClientAccessServer=Server BackEndServer=Server, RequestId=….[FailureCategory=Cafe-SendFailure]…
FullyQualifiedErrorId: –2144108477,PSSessionOpenFailed](https://i0.wp.com/www.evgesha.ru/wp-content/uploads/2023/03/ems-error-1024x244.png?resize=750%2C179&ssl=1)
После ввода пароля страница открывается пустой:
Системный журнал ошибка 15021 HttpEvent
Произошла ошибка при использовании конфигурации SSL для конечной точки 0.0.0.0:444. Код состояния ошибки содержится в возвращенных данных
Решение
Для этого я открываю консоль IIS и проверяю, действительно ли запущен серверный сайт Exchange , поэтому я щелкаю правой кнопкой мыши — «Редактировать привязки» , чтобы увидеть конфигурацию. Я нахожу следующее:
Правой кнопкой мыши в IIS на Exchange Backend – Edit Bindings:
Выбираем https порт 444 – Edit
Выбираем сертификат “Microsoft Exchange” – Ok
Перезапускаем IIS, отправляем “спасибо” автору.
In the System Events On the ADFS Servers, Noticed Events with description An Error Occured while uisng SSL COnfiguration for End Point 0.0.0.0:443, the error status code contained with the returned data followed with Event ID: 15021. When try to browse the ADFS idpinitiatedsignon page, it is getting failed.
Normally, this issue occurs if the certificate renewal or certificate upgrade has not been done properly.
To Solve this issue,
run the CMD: Netsh http show sslcert to check the current certificate bindings
See the certificate which has been upgraded is in IP: Port binding–> Certificate hash. If it contains old certificate and that is not available in the Certificate MY Store, above event will get generated and users can not browse the site or ADFS Page will not get loaded.
To solve this issue, first delete the old certificate has which is currently bonded for the 0.0.0.0:443 using the command
netsh http delete sslcert ipport=0.0.0.0:443
Next, bind the new Certificate has for the ipport=0.0.0.0:443 using the below command
add sslcert ipport=0.0.0.0:13286 appid='{App ID’} certhash=<thumbprint without space>
Now, restart the ADFS Service and check the events and browse the ADFS idpinitiatedsignon page and see it shows new certificate and page is getting loaded.
- Remove From My Forums
-
Question
-
hello, first of all I have asked already this question a different forum and I was told to ask here instead:
https://answers.microsoft.com/en-us/windows/forum/windows_10-performance/windows-10-home-64-bits-http-event-36870-schannel/57ed3652-9718-4197-894f-cb292a594c72?tm=1555623380717&auth=1
Here is the problem:
Hello,
Since March 26th 2018, I have received every minute 2 instances of each event: Http event 36870, and Schannel 15021.
I have closed every Internet connection program I can, but it still appears regardless.
On the date it all started, the only thing that changed was, a Windows update for Windows Defender Antivirus: KB2267602, which occurs daily and I dont believe to be the reason for this problems.
- Http Event:
An error occurred while using SSL configuration for endpoint 0.0.0.0:54266. The error status code is contained within the returned data.
—Regarding this: I have run TCP View, and it reports the following:
Process |PID |Protocol |Local Address |Local port |Remote address |remote Port |State
System 4 TCPV6 my-pc 54265 my-pc
0 LISTENINGSystem 4 TCPV6 my-pc 54266 my-pc
0 LISTENING
- Schannel:
A fatal error occurred when attempting to access the TLS server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001
I have a Windows 10 Home Edition 64 bits updated to the latest Windows recommended drivers and updates.
I have tried the «sfc /scannow» which found no errors.
It’s worth noting that my Network adapter settings on IPV6 are TCP/UDP Checksum are set to RX-TX enabled, if that helps.
I have also :
run Dism /Online /Cleanup-Image /CheckHealth
run Dism /Online /Cleanup-Image /ScanHealth
with no errors reported back.
Can someone help Please?
Here are the full report for each.
Http event 15021:
— <Event xmlns=»http://schemas.microsoft.com/win/2004/08/events/event«>
— <System>
<Provider Name=»Microsoft-Windows-HttpEvent« Guid=»{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}«
EventSourceName=»HTTP« /><EventID Qualifiers=»49152«>15021</EventID>
<Keywords>0x80000000000000</Keywords>
<TimeCreated
SystemTime=»2019-03-27T06:35:52.504239300Z« /><EventRecordID>949114</EventRecordID>
<Execution ProcessID=»4« ThreadID=»15424« />
<Channel>System</Channel>
<Computer>DAN-DESKT-HW1</Computer>
</System>
— <EventData>
<Data Name=»DeviceObject« />
<Data Name=»Endpoint«>0.0.0.0:54266</Data>
<Binary>000004000200300000000000AD3A00C00000000000000000000000000000000000000000000000005F0000C0</Binary>
</EventData>
</Event>
Schannel 36870:
— <Event xmlns=»http://schemas.microsoft.com/win/2004/08/events/event«>
— <System>
<Provider Name=»Schannel« Guid=»{1F678132-5938-4686-9FDC-C8FF68F15C85}«
/><Keywords>0x8000000000000000</Keywords>
<TimeCreated
SystemTime=»2019-03-27T06:35:52.504320100Z« /><EventRecordID>949113</EventRecordID>
<Correlation
ActivityID=»{826053B9-DA28-0002-EC53-608228DAD401}« /><Execution ProcessID=»728« ThreadID=»13348« />
<Channel>System</Channel>
<Computer>DAN-DESKT-HW1</Computer>
<Security UserID=»S-1-5-18« />
</System>
— <EventData>
<Data Name=»Type«>server</Data>
<Data Name=»ErrorCode«>0x8009030d</Data>
<Data Name=»ErrorStatus«>10001</Data>
</EventData>
</Event>
I was told to try this:
https://blogs.technet.microsoft.com/instan/2009/01/05/schannel-36872-or-schannel-36870-on-a-domain-controller/
But this is what I came up with:
Solution a)
I dont have «All Users Profile\Application Data\Microsoft\Crypto\RSA folder»
No RSA folder whatsoever, neither «All Users» I went to my individual accoiunt folder AppData, but still no RSA fodler
Solution b)
This was the most promising, as I found a computer certificate that was not trusted, with an expiration date of 2004. Deleted that, but still the same errors in event viewer.
Solutions C, D and E)
All these as I read require a third party or server certificate, which I dont find anywhere.
Can someone please help? This is not a windows server…. Its just Windows Home, but this issue comes up every minute.