Microsoft KB Archive/940463

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 18:40, 18 July 2020 by 3155ffGd (talk | contribs) (importing KB archive)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Knowledge Base


You cannot start the Microsoft Firewall service on a server that is running ISA 2004 or ISA 2006 if you enable SSL on a Web listener

Article ID: 940463

Article Last Modified on 12/4/2007


APPLIES TO

  • Microsoft Internet Security and Acceleration Server 2004 Standard Edition
  • Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2006 Standard Edition
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition


SYMPTOMS

A server is running Microsoft Internet Security and Acceleration (ISA) Server 2004 or ISA Server 2006. On the server, you enable Secure Sockets Layer (SSL) on a Web listener. In this situation, you cannot start the Microsoft Firewall service. However, if you disable SSL on the Web listener, you can successfully start the Microsoft Firewall service. When this problem occurs, events that resemble the following may be logged in the event log:

Event 14001 Event Source: Microsoft Firewall
Event ID: 14001
Description: Firewall Service failed to initialize. Previous event log entries might help determine the proper action

Event 14060 Event Source: Microsoft Firewall
Event ID: 14060
Description: Description: Cannot load an application filter Web Proxy Filter
({4CB7513E-220E-4C20-815A-B67BAA295FF4}). FilterInit failed with code 0x80092004.
To attempt to activate this application filter again, stop and restart the Firewall service.

Event 14177 Event Source: Microsoft ISA Server Web Proxy
Event ID: 14177
Description: Some certificates cannot be initialized (error code -2146885628). The Web Proxy filter could not initialize. Check that all certificates used by the Web Proxy filter are valid.


CAUSE

This problem occurs because of a problem with the SSL server certificate that the Web listener uses. The problem can be one of the following problems:

  • The certificate has expired.
  • The certificate is corrupted.
  • The certificate is installed incorrectly.


WORKAROUND

To work around this problem, follow these steps:

  1. In the Certificates Microsoft Management Console (MMC) snap-in, delete the certificate, and then re-import the certificate.
  2. Configure the Web listener to use the certificate.


STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Keywords: kbtshoot kbprb kbexpertiseadvanced KB940463



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/940463&oldid=231436
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki