Netsh Add Sslcert Error 1312
Contents |
(עברית)المملكة العربية السعودية (العربية)ไทย (ไทย)대한민국 (한국어)中华人民共和国 (中文)台灣 (中文)日本 (日本語) HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums Ask a question Quick access Forums home Browse forums users FAQ Search related threads Remove From My Forums Answered by: SSL Certificate add failed, Error: 1312 Windows ssl certificate add failed error 183 Server > Windows Server General Forum Question 0 Sign in to vote kb 981506 I'm trying to connect a SSL cert to my http listener application. I'm running on Windows Server 2008 SP2. I'm
Ssl Certificate Add Failed Error 1312 Windows 8
using the netsh http commandsuch as the followingto do this. add sslcert ipport=10.0.0.1:443 certhash=somelongcerthash appid={somelongappid} When I use the command I get the following error message. SSL Certificate add failed, Error:
Ssl Certificate Deletion Failed, Error: 2
1312 A specified logon session does not exist. It may already have been terminated. I'm logged onto the server as a domain admin when I run the command. I previously had this application setup to use SSL on a different port with the same cert, the application ran fine for a few weeks. I was in the process of switching the application onto port error 1312 net use 443 when this error started to occur. As part of the switch I found the cert was also defined for a web site. I undefined the SSL and port binding for the web site. I reconnected to cert to the old Port and successfully test the application again, then deleted the binding using the "delete sslcert" command and attempt to use the same "add sslcert" command with port 443 and got the failure. Now I can't use the add sslcert command no matter what port I specify without getting the failure message. Microsoft has a fix for this error message for Windows 7 and Windows Server 2008 R2, but not Windows Server 2008 SP2. Googling around I see a number of other people that have run into this issue but don't see any remedies that work for me. --Mark Friday, August 06, 2010 4:59 PM Reply | Quote Answers 0 Sign in to vote Hi Mark, This KB might help you http://support.microsoft.com/kb/981506 Marked as answer by Tim QuanModerator Monday, August 30, 2010 9:21 AM Monday, August 23, 2010 11:29 AM Reply | Quote 0 Sign in to vote I trie
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the
Netsh Http Add Sslcert Certstorename
company Business Learn more about hiring developers or posting ads with us Stack Overflow error 1312 cannot create directory Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 netsh certhash million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up Can't register a C# generated selfsigned SSL certificate with netsh (error 1312) up vote 2 down vote favorite I have https://social.technet.microsoft.com/Forums/windowsserver/en-US/68452008-a89b-40ba-9927-472efcfafc99/ssl-certificate-add-failed-error-1312?forum=winservergen created a self-signed SSL certificate via C# (bouncycastle). It shows up in the local computer / personal store and looks exactly like the already existing localhost certificate from Microsoft. If I show the properties, it says: SSL Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated. However, if I want to register this certificate via netsh, I get an error: netsh.exe http add sslcert http://stackoverflow.com/questions/16729623/cant-register-a-c-sharp-generated-selfsigned-ssl-certificate-with-netsh-error ipport=0.0.0.0:{0} certhash={1} appid={2} app-id being the GUID specified in the assemblyinfo.cs. certhash is the hash from the properties-page of the certificate. I found several reasons why this can happen in numerous blog posts: Use elevated privileges (I am doing this) Make sure your certificate is registered in "local computer", not in "current user" - I have this. Make sure the certificate has a private key (it has, as it is shown in the properties dialoge box). None of them led to a success... ssl binding windows-8 netsh share|improve this question edited Jun 22 '14 at 14:40 Peter Mortensen 10.3k1369107 asked May 24 '13 at 7:19 Sargola 131128 Same here! What's interesting the same code runs nice on some machines. And on others we get above error. Did you have a chance to fix it? (I'm using Windows 8) –Mike Jul 8 '13 at 14:06 add a comment| 3 Answers 3 active oldest votes up vote 3 down vote Your problem is prior to the binding. I assume that the certificate is not correctly imported. When you load your certificate in C#, use: var cert = new X509Certificate2("Path", "Pwd, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable); And make sure that you store it in the local machine StoreLocation.LocalMachine: var store = new X509Store(storeName, StoreLocation.LocalMachine); store.Open(OpenFlags.MaxAllowed); store.Add(cert); store.Close(); share|impr
Solve Galaxy S6 Bluetooth Issue | TechnoBezz Free Forza Motorsport 6: Apex Resetting Local & Domain http://www.mrboingo.com/index.php/archives/240 Admin Passwords Recent CommentsArchives October 2016 April 2016 March 2016 February http://andypottsblog.blogspot.com/2012/07/certificate-bugs-certificate-add-failed.html 2016 January 2016 August 2015 July 2015 June 2015 February 2015 January 2015 December 2014 September 2014 July 2014 June 2014 May 2014 March 2014 February 2014 October 2013 September 2013 March 2013 November 2012 October 2012 September 2012 Categories Android Avaya How To Out error 1312 And About Tech Life Certificate port binding: SSL Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated Standard There are very annoying messages in Windows. I will talk here an in the next posts about some of the security related errors and how do they help you ssl certificate add to understand the problem. So here is the thing: you have just Installed the certificate in the certificate store, and you can visually see it, but when you try to bind it to the ip port using netsh or httpcfg (information here: http://msdn.microsoft.com/en-us/library/ms733768.aspx) you get a message saying : A specified logon session does not exist. It may already have been terminated. Microsoft Windows [Version 6.1.7600] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Windows\system32>netsh http add sslcert ipport=0.0.0.0:443 certhash=3045c0dab3764dd641a3742253c9b22e07acf645 appid={11223344-4455-6677-8899-AABBCCDDEEFF} clientcertnegotiation=enable SSL Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated. After investigating the issue, it seems that the problem is the certificate must be in the local machine store to be successfully binded with the port. All you have to do is to drag and drop it there Moving cert with drag and drop is simple. It copies the cert and it's private key. So now the same command should work C:\Windows\system32>netsh http add sslcert ipport=0.0.0.0:443 certhash=3045c0dab3764dd
to bugs in products. Problem This time I was attempting to add a certificate to a port in order to allow a self-hosted WCF service to work over HTTPS. Most examples are about IIS, which is simpler. The command was this: netsh http add sslcert ipport=0.0.0.0:9011 certhash=80f06fa16c2dee8abccddbcb1c0694e7e0c5ffdd appid={08AAC041-869A-4C12-AF5B-999D0F4ABC43} but it was returning an error: Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated. There are lots of blog entries out there, but in the end I found my problem was due to import bugs in MMC. There are a couple of checks to make first though: 1. The certificate that you are using to run the HTTPS MUST have a private key. Therefore when you are creating the certs, create them with the following commands: makecert -sk testRootCA -sky signature -sr localmachine -n "CN=RootTrustedCA" -ss TRUST -r RootTrustedCA.cer (to make the root cert) makecert -sk testServer -ss MY -sky exchange -sr localmachine -n "CN=Server" -ic RootTrustedCA.cer -is TRUST Server.cer -pe (to make the HTTPS server cert signed by the previous) 2. Check whether the hotfix is applicable (it wasn't for me). 3. Try this excellent tool and see whether it gets round the 1312 error (though it is unlikely to if you had the same problem as me). Solution Create the certificates as described above. Ensure the server certificate has the private key. Then I imported the RootTrustedCA into the Trusted Root Certification Authorities store. NOTE - you must do this for the Local Computer account when you open MMC. Then I imported the Server certificate into the Personal Certificates store. But here is the thing.If you look at the certificate at this point, it is missing the key symbol indicating that it has a private key. Somehow it has lost the private key. How did I fix this? Simple, run the makecert command again, and refresh MMC and you'll see that the certificate has gained it's private key. There is obviously some horrible bug there. Now double-click on thecertificate and grab the thumprint