Microsoft KB Archive/824035

From BetaArchive Wiki
Knowledge Base


You receive a "Page cannot be displayed" error message when you try to access a site by using HTTPS

Article ID: 824035

Article Last Modified on 11/24/2005


APPLIES TO

  • Microsoft Internet Information Services 5.0
  • Microsoft Internet Information Services 5.1
  • Microsoft Internet Information Services 6.0



SYMPTOMS

When you try to access a site that is hosted in Microsoft Internet Information Services (IIS) and that is configured to use Secure Sockets Layer (SSL) by using the HTTPS protocol, you may receive the following error message:

Page cannot be displayed

The following error message is logged in the Web server event logs:

Event Type: Error
Event Source: Schannel
Event Category: None
Event ID: 36869
Date: 12/18/2000
Time: 9:12:46 AM
User: N/A
Computer: <ServerName>
Description: The SSL server credential's certificate does not have a private key information property attached to it. This most often occurs when a certificate is backed up incorrectly and then later restored. This message can also indicate a certificate enrollment failure.

CAUSE

This problem occurs because the Web site has been bound to a certificate that does not have a matching private key. If you try to export this certificate from the Certificates Microsoft Management Console (MMC), you do not have the option to export the private key. When you try to export the certificate, you receive the following warning message:

  1. You DON'T have a private key that corresponds to this certificate.

To troubleshoot SSL issues, use the new SSL Diagnostics tool. For more information, visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyID=cabea1d0-5a10-41bc-83d4-06c814265282&DisplayLang=en


RESOLUTION

To resolve the problem, create a new certificate with a private key. To do this, follow these steps:

  1. Remove the current certificate that does not have a private key. For more information about how to remove the current certificate, click the following article number to view the article in the Microsoft Knowledge Base:

    232167 How to remove a server certificate from an Internet Information Services 5.0 Web site

  2. Obtain and install the new certificate with private key. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    290625 How to configure SSL in a Windows 2000 IIS 5.0 test environment by using Certificate Server 2.0

Note The original certificate may be repairable (from the server that initially requested the Certificate). For more information about how to repair a certificate, click the following article number to view the article in the Microsoft Knowledge Base:

889651 How to assign a private key to a new certificate after you use the Certificates snap-in to delete the original certificate in Internet Information Services



Additional query words: SSL Certificate Private Key

Keywords: kbprb KB824035



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/824035&oldid=333824
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki