“Bad Data” Error in IIS when using Central CertificatesIIS 7.0 - SSL certificate - renew or new?openssl,...
Skis versus snow shoes - when to choose which for travelling the backcountry?
How to visualize a Cayley graph in this style?
Should the .gitignore include an entry for .vscode when using Git and VSCode
CBP Reminds Travelers to Allow 72 Hours for ESTA. Why?
If all harmonics are generated by plucking, how does a guitar string produce a pure frequency sound?
Wanted: 5.25 floppy to usb adapter
Talents during the time of Achasverous
How to approximate rolls for potions of healing using only d6's?
What is better: yes / no radio, or simple checkbox?
Contradiction with Banach Fixed Point Theorem
Does Master of Cruelties survive being blocked by a creature with 4 or more power?
Is divide-by-zero a security vulnerability?
Find the next monthly expiration date
Six real numbers so that product of any five is the sixth one
Inventor that creates machine that grabs man from future
Why do members of Congress in committee hearings ask witnesses the same question multiple times?
awk unexpectedly removes dot from string
Finding the number of integers that are a square and a cube at the same time
What to do when being responsible for data protection in your lab, yet advice is ignored?
What are these green text/line displays shown during the livestream of Crew Dragon's approach to dock with the ISS?
A Wacky, Wacky Chessboard (That Makes No Sense)
What prevents the construction of a CPU with all necessary memory represented in registers?
How to avoid being sexist when trying to employ someone to function in a very sexist environment?
How can I be pwnd if I'm not registered on that site?
“Bad Data” Error in IIS when using Central Certificates
IIS 7.0 - SSL certificate - renew or new?openssl, IIS, XP and error 403.7.svc web service broken when moving to IIS 7Error : IIS Admin Service is disabled?HTTPS address still resolving (to default site) when no longer in IIS and new certificate installedIIS 7.5 connect to a web site using IIS Manager using the current user credentialsIIS Centralized Certificate Store not using certificate when loading in browserLogic Issue in IIS 8 and Centralized Certificatesiis error code 0x80070520. A specified logon session does not existHow to install cer and p7b certificates to use in IIS?
I am using Central Certificates in IIS 10 - using a local folder (C:iisEncryption) that is synchronized to all of the web servers in our cluster.
The Central IIS uses a domain service account - one which seemingly has full permissions to the folder (and files) in question:
Everything was working until we needed to renew the certificate - which I did by deleting the old .PFX files in the share and uploading new ones.
Now, when I use the service account in the configuration, I am getting an error that says "Bad Data".
When I instead use my personal Domain Account, it seems to work fine. Also, when I put back the old (soon to expire) certificate into the folder, that works fine with the service account.
Why isn't my service account working anymore
iis centralized-certificates
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
add a comment |
I am using Central Certificates in IIS 10 - using a local folder (C:iisEncryption) that is synchronized to all of the web servers in our cluster.
The Central IIS uses a domain service account - one which seemingly has full permissions to the folder (and files) in question:
Everything was working until we needed to renew the certificate - which I did by deleting the old .PFX files in the share and uploading new ones.
Now, when I use the service account in the configuration, I am getting an error that says "Bad Data".
When I instead use my personal Domain Account, it seems to work fine. Also, when I put back the old (soon to expire) certificate into the folder, that works fine with the service account.
Why isn't my service account working anymore
iis centralized-certificates
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
add a comment |
I am using Central Certificates in IIS 10 - using a local folder (C:iisEncryption) that is synchronized to all of the web servers in our cluster.
The Central IIS uses a domain service account - one which seemingly has full permissions to the folder (and files) in question:
Everything was working until we needed to renew the certificate - which I did by deleting the old .PFX files in the share and uploading new ones.
Now, when I use the service account in the configuration, I am getting an error that says "Bad Data".
When I instead use my personal Domain Account, it seems to work fine. Also, when I put back the old (soon to expire) certificate into the folder, that works fine with the service account.
Why isn't my service account working anymore
iis centralized-certificates
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
I am using Central Certificates in IIS 10 - using a local folder (C:iisEncryption) that is synchronized to all of the web servers in our cluster.
The Central IIS uses a domain service account - one which seemingly has full permissions to the folder (and files) in question:
Everything was working until we needed to renew the certificate - which I did by deleting the old .PFX files in the share and uploading new ones.
Now, when I use the service account in the configuration, I am getting an error that says "Bad Data".
When I instead use my personal Domain Account, it seems to work fine. Also, when I put back the old (soon to expire) certificate into the folder, that works fine with the service account.
Why isn't my service account working anymore
iis centralized-certificates
iis centralized-certificates
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
asked Dec 28 '17 at 20:28
WilliamWilliam
203520
203520
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Not sure if you solved this, but I hade the exact same problem and finally managed to solve it.
I had to make sure that the pfx was created and exported from IIS itself. If I created a PFX from any other place it didn't work. Why tho, I have no idea.
Go to:
IIS-Server Certificates-Create Certificate Request.
Copy the signing request to you CA and then import it into IIS.
When that's done you can export the .pfx and put it in you CCS location.
You can then remove the certificate in IIS-Server Certificates.
I have still no idea why this worked. But hope this helps you!
answered Oct 10 '18 at 12:19
tattralltattrall
111
add a comment |
Not sure if this applies here but we had an issue where we were using LetsEncrypt and we had to place their root certificates into the Trusted Root Certification Authorities before we could view the certificates inside IIS similar to the issues found here
https://github.com/ridercz/AutoACME/issues/14
answered 5 hours ago
Nick van EschNick van Esch
1011
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f889923%2fbad-data-error-in-iis-when-using-central-certificates%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Not sure if you solved this, but I hade the exact same problem and finally managed to solve it.
I had to make sure that the pfx was created and exported from IIS itself. If I created a PFX from any other place it didn't work. Why tho, I have no idea.
Go to:
IIS-Server Certificates-Create Certificate Request.
Copy the signing request to you CA and then import it into IIS.
When that's done you can export the .pfx and put it in you CCS location.
You can then remove the certificate in IIS-Server Certificates.
I have still no idea why this worked. But hope this helps you!
answered Oct 10 '18 at 12:19
tattralltattrall
111
add a comment |
Not sure if you solved this, but I hade the exact same problem and finally managed to solve it.
I had to make sure that the pfx was created and exported from IIS itself. If I created a PFX from any other place it didn't work. Why tho, I have no idea.
Go to:
IIS-Server Certificates-Create Certificate Request.
Copy the signing request to you CA and then import it into IIS.
When that's done you can export the .pfx and put it in you CCS location.
You can then remove the certificate in IIS-Server Certificates.
I have still no idea why this worked. But hope this helps you!
answered Oct 10 '18 at 12:19
tattralltattrall
111
add a comment |
Not sure if you solved this, but I hade the exact same problem and finally managed to solve it.
I had to make sure that the pfx was created and exported from IIS itself. If I created a PFX from any other place it didn't work. Why tho, I have no idea.
Go to:
IIS-Server Certificates-Create Certificate Request.
Copy the signing request to you CA and then import it into IIS.
When that's done you can export the .pfx and put it in you CCS location.
You can then remove the certificate in IIS-Server Certificates.
I have still no idea why this worked. But hope this helps you!
answered Oct 10 '18 at 12:19
tattralltattrall
111
Not sure if you solved this, but I hade the exact same problem and finally managed to solve it.
I had to make sure that the pfx was created and exported from IIS itself. If I created a PFX from any other place it didn't work. Why tho, I have no idea.
Go to:
IIS-Server Certificates-Create Certificate Request.
Copy the signing request to you CA and then import it into IIS.
When that's done you can export the .pfx and put it in you CCS location.
You can then remove the certificate in IIS-Server Certificates.
I have still no idea why this worked. But hope this helps you!
answered Oct 10 '18 at 12:19
tattralltattrall
111
answered Oct 10 '18 at 12:19
tattralltattrall
111
answered Oct 10 '18 at 12:19
tattralltattrall
111
answered Oct 10 '18 at 12:19
tattralltattrall
111
111
add a comment |
add a comment |
Not sure if this applies here but we had an issue where we were using LetsEncrypt and we had to place their root certificates into the Trusted Root Certification Authorities before we could view the certificates inside IIS similar to the issues found here
https://github.com/ridercz/AutoACME/issues/14
answered 5 hours ago
Nick van EschNick van Esch
1011
add a comment |
Not sure if this applies here but we had an issue where we were using LetsEncrypt and we had to place their root certificates into the Trusted Root Certification Authorities before we could view the certificates inside IIS similar to the issues found here
https://github.com/ridercz/AutoACME/issues/14
answered 5 hours ago
Nick van EschNick van Esch
1011
add a comment |
Not sure if this applies here but we had an issue where we were using LetsEncrypt and we had to place their root certificates into the Trusted Root Certification Authorities before we could view the certificates inside IIS similar to the issues found here
https://github.com/ridercz/AutoACME/issues/14
answered 5 hours ago
Nick van EschNick van Esch
1011
Not sure if this applies here but we had an issue where we were using LetsEncrypt and we had to place their root certificates into the Trusted Root Certification Authorities before we could view the certificates inside IIS similar to the issues found here
https://github.com/ridercz/AutoACME/issues/14
answered 5 hours ago
Nick van EschNick van Esch
1011
answered 5 hours ago
Nick van EschNick van Esch
1011
answered 5 hours ago
Nick van EschNick van Esch
1011
answered 5 hours ago
Nick van EschNick van Esch
1011
1011
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f889923%2fbad-data-error-in-iis-when-using-central-certificates%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
