Thursday, January 17, 2008
SelfSSL Connection Errors
- Move all the old certs into an archive directory located here: C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
- When you run the selfssl.exe command to install the self-signed SSL certificate into IIS, you must include the fully qualified machine name in the /N:cn parameter. For example: selfssl.exe /T /V:3650 /N:cn=oam.company.com
Verify that the new cert has been generated and that your ADAM run as user has read permissions on the cert and that should solve the problem.
Test your connection using LDP.exe, also using the fully qualified host name.
This is an excellent link with step-by-step instructions, (including the download location for the IIS 6.0 Resource kit from MS): http://geekswithblogs.net/jimiz/archive/2007/02/11/106006.aspx
Labels: SelfSSL for IIS