An error occurred while using SSL configuration for endpoint 0.0.0.0:443

First run CMD as Admin

netsh http show sslcert

Look for certificates that are dead or the below example. Get rid of them by using:

netsh http delete sslcert ipport=0.0.0.0:443

Then you should be good.


  1. Go to the bindings of your IIS website and check if you have a valid cert selected for port 443.
  2. If you already have, check the validity of that cert in case it is already exhausted. Try changing the cert to see if it's corrupted.

Run the following command in an elevated command prompt and examine the config on the AD FS side.

netsh http sh sslcert

You will see several endpoints and the certs associated with each. AD FS uses name-based bindings, so it wouldn't create one for 0.0.0.0:443 by default. Unless you have IIS or have been doing your own bindings for http.sys, they wouldn't just appear there.

I expect you have an old cert referenced in 0.0.0.0:443. That's a guess based on the data available.

You should take a network trace and see on WAP service startup whether the TLS session is established successfully to AD FS.
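
The check the answers above describe (listing the http.sys bindings and spotting ones that reference a dead certificate), as an added PowerShell example that is not part of the original posts. It assumes English-language `netsh` output and certificates held in the LocalMachine stores; the function names `Get-SslBinding` and `Test-SslBinding` are hypothetical. It only reads configuration and changes nothing.

```powershell
# Added example: report http.sys SSL bindings whose certificate is missing or expired.
# Run from an elevated PowerShell prompt. Assumes English netsh output.
function Get-SslBinding {
    param([string[]]$NetshOutput = (netsh http show sslcert))
    $current = $null
    foreach ($line in $NetshOutput) {
        # Each binding block starts with an "IP:port" or "Hostname:port" line.
        if ($line -match '^\s*(IP:port|Hostname:port)\s*:\s*(\S+)') {
            if ($current) { [pscustomobject]$current }
            $current = [ordered]@{ Type = $Matches[1]; Binding = $Matches[2]
                                   Thumbprint = $null; Store = 'MY' }
        }
        elseif ($current -and $line -match '^\s*Certificate Hash\s*:\s*([0-9A-Fa-f]+)') {
            $current.Thumbprint = $Matches[1].ToUpper()
        }
        elseif ($current -and $line -match '^\s*Certificate Store Name\s*:\s*(\S+)') {
            # netsh prints "(null)" when no store was given; http.sys then uses MY.
            if ($Matches[1] -ne '(null)') { $current.Store = $Matches[1] }
        }
    }
    if ($current) { [pscustomobject]$current }
}

function Test-SslBinding {
    param([Parameter(ValueFromPipeline)]$Binding)
    process {
        $cert = $null
        if ($Binding.Thumbprint) {
            $path = "Cert:\LocalMachine\$($Binding.Store)\$($Binding.Thumbprint)"
            $cert = Get-Item -Path $path -ErrorAction SilentlyContinue
        }
        $status = 'OK'
        if (-not $cert) { $status = 'MissingFromStore' }
        elseif ($cert.NotAfter -lt (Get-Date)) { $status = 'Expired' }
        elseif (-not $cert.HasPrivateKey) { $status = 'NoPrivateKey' }
        [pscustomobject]@{
            Binding = $Binding.Binding; Type = $Binding.Type
            Thumbprint = $Binding.Thumbprint; NotAfter = $cert.NotAfter; Status = $status
        }
    }
}

# A 0.0.0.0:443 row with a status other than OK is the stale binding the answers refer to.
Get-SslBinding | Test-SslBinding | Format-Table -AutoSize
```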