Scroll Top
Evotec Services sp. z o.o., ul. Drozdów 6, Mikołów, 43-190, Poland
+48 502 469 760
contact@evotec.pl

Exchange 2013 powershell errors out, and Exchange 2013 ECP doesn’t work correctly

Exchange 2013 powershell errors out, and Exchange 2013 ECP doesn’t work correctly
MicrosoftExchange
0
By Przemyslaw Klys Exchange March 22, 2015

After Exchange 2013 system is updated or after reboot ECP / OWA and other IIS pages appear blank. Also Powershell is not able to open up, and event log is full of errors.

Problem Description

Exchange 2013 powershell errors out, and Exchange 2013 ECP  doesn't work correctly (users get a login screen then a blank page). Moreover there is an EVENT being logged in Administrative Events (Event ID 15021, Source HttpEvent):

An error occurred while using SSL configuration for endpoint 0.0.0.0:444.  The error status code is contained within the returned data.

Error in PowerShell:

VERBOSE: Connecting to MAIL2. New-PSSession : [mail2] Connecting to remote server mail2 failed with the following error messa ge : [ClientAccessServer=MAIL2,BackEndServer=mail2,RequestId=fd9724cd-19fb-4842-b30d-c9c4b976119f,TimeStamp =2015-03-24 18:55:58] [FailureCategory=Cafe-SendFailure] For more information, see the about_Remote_Troubleshooting He lp topic. At line:1 char:1 + New-PSSession -ConnectionURI “$connectionUri” -ConfigurationName Microsoft CategoryInfo : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin gTransportException + FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed

Event ID 15021

Cause: This event is logged when an error occurred while using SSL configuration for socket address.The error status code is contained within the returned data.

Event_15021_1

Event_15021_2

Solution

Solution to solve it is to replace the certificate for 0.0.0.0:444 with the correct one. For some reason one of the certificates is being used instead of the one that is being served on standard https port.

  1. Click Start, point to All Programs, click Accessories, right-click Command Prompt, clickRun as administrator, and then click Continue.
  2. Type netsh http show sslcert, and then press ENTER to view the installed certificates.
  3. This will show the certs. Make a copy of the output to safe place.
  4. Under IP:port 127.0.0.1:443 note the certificate hash and application ID.
  5. Type netsh http delete sslcert ipport=0.0.0.0:444 (do this command even if the port doesn't exists on the list), and then press ENTER to delete the incorrectly installed certificate.
  6. netsh http add sslcert ipport=0.0.0.0:444 certhash=<noted_hash> appid=”<noted_appid>”, and then press ENTER to reinstall the certificate.
  7. Reboot server

That's it. After rebooting certificate should be in it's place and content from Exchange being served correctly.

Przemyslaw Klys / About Author
System Architect with over 14 years of experience in the IT field. Skilled, among others, in Active Directory, Microsoft Exchange and Office 365. Profoundly interested in PowerShell. Software geek.
More posts by Przemyslaw Klys

Related Posts

The security account manager (SAM) has determined that SID is already in use in the Forest
The security account manager (SAM) has determined that the security identifier (SID) for this computer is already in use in the Forest you want to join. This can happen when restoring an Active Directory Domain Controller with an improper backup. Reinstall the operating system on the local AD DC to obtain a new SID.
12 Mar 2020
Get-RSSFeed in action
Submitting blogs to web.archive.org using PowerShell
Since my website went down in fire with OVH SBG2, I used this occasion to publish my restored website via Cloudflare. It allows me to have to cache, minimization, and some additional security. One thing that caught my attention while browsing through Cloudflare settings was the Always Online feature based on web.archive.org. Basically, the concept is – whenever the website is down, Cloudflare would go and fetch content from web.archive.org.
19 Mar 2021
PSWriteWord 0.4.1
PSWriteWord – Updated to 0.4.1 (Breaking Change included)
28 Jun 2018
AccountLockout
Active Directory – How to track down why and where the user account was locked out
I’ve been working with Windows Events for a while now. One of the things I did to help me diagnose problems and reporting on Windows Events was to write PSEventViewer to help to parse the logs and write PSWinReporting to help monitor (with use of PSEventViewer) Domain Controllers for events that happen across the domain. It’s handy and I, get those excellent daily reports of what happened while I was gone.
24 Jan 2019
Import-Module: This script contains malicious content and has been blocked by your antivirus software.
Import-Module: This script contains malicious content and has been blocked by your antivirus software.
I’ve been working today on a little project when suddenly my modules stopped working. It was weird because I have not touched anything that could cause it. A message was a bit cryptic mentioning that my PSWriteColor module is required but not available. I’ve decided to try and load PSWriteColor manually using Import-Module command.
12 Dec 2018
Advanced HTML reporting using PowerShell
I’ve been using HTML reporting in PowerShell for a while. Initially, I would usually build HTML by hand, but the time spent trying to figure out what works and what doesn’t drive me mad. With the PSWriteHTML module, a lot has changed. With just a few PowerShell lines, I can create feature-rich reports that change how I show data to my Clients. Today I wanted to show you some advanced HTML reporting without actually complicating PowerShell code. In the last few months, I’ve added many features that create advanced reports without sacrificing readability.
16 Mar 2021
Working with HTML in PowerShell just got better
Last few weeks, I’ve been working on making creating HTML based Dashboards, Reports, and Emails better. PSWriteHTML already allows fancy looking reports or emails without much effort, but this release makes it even more helpful. I will be mixing three PowerShell modules in this blost post – PSWriteHTML (responsible for creating HTML/CSS/JS code), Emailimo (simplifies creating emails based on PSWriteHTML) and Dashimo (simple dashboard building). If you’ve never heard of those modules before I encourage you to start from earlier blogs about them to understand the concepts before you dive into this one.  Hopefully, those will give you some ideas that will match what you will learn today.
04 Aug 2019
A number of emails failed to be processed by GFI MailEssentials
0
15 Feb 2018
Monitoring LDAPS connectivity/certificate with PowerShell
Some time ago, I wrote a blog post on checking for LDAP, LDAPS, LDAP GC, and LDAPS GC ports with PowerShell. It mostly works, but it requires a tad bit of effort, and it doesn’t cover the full scope that I wanted. Recently (well over 3 years ago), Chris Dent shared some code that verifies the LDAP certificate, and I thought this would be good to update my cmdlets to support just that with a bit of my own magic on top.
02 Mar 2021
PowerShell Automating Administration
Microsoft Exchange – Set address book policy based on group membership
0
04 Mar 2016
Update-Module : Module ‘PowershellGet’ was not installed by using Install-Module, so it cannot be updated.
22 Aug 2018
Event Monitoring
What’s new – Event Monitoring v0.7
0
27 Mar 2018
Difference between GetTempFileName() and GetRandomFileName() that got my ass kicked
Today’s story is about me making assumptions on how things work based on the method’s name. As the blog post says, I want to focus on two similar methods – GetTempFileName() and GetRandomFileName(), when using PowerShell. Still, since those methods are .NET based, it applies to a whole range of other languages – C#, F#, VisualBasic, and all others that I’ve never used.
24 Jan 2022
SFTP/FTPS using PowerShell
Easy way to connect to FTPS and SFTP using PowerShell
FTPS and SFTP are two ways to send and receive files from remote sources. While the name suggests both do the same thing, those are different protocols, in the end, having the same goal. A few weeks back, I had to make sure I can reliably download files from FTPS server using PowerShell, and since I couldn’t find anything straightforward to use, I decided to write my own. Transfertto is a new PowerShell module that supports both FTPS and SFTP protocols. Its goal is to be the only module that you need to transfer files to and from FTP/SFTP servers.
29 Aug 2021
Dashimo Conditional Formatting
Dashimo – Easy Table Conditional Formatting and more
Dashimo ultimate goal is to be as easy to use as possible. With the introduction of it a few days ago I made a promise to myself that I want to keep it as simple to use as possible. If you don’t know what Dashimo is, have a read here – Meet Dashimo. When I posted it on Reddit few people had some ideas and feature request that would make it a bit nicer, and when I heard about I agreed. So today, after a couple of days I have a few updates. I also noticed that my examples might have been too hard to use and understand for beginners and people not having a lot of touch with Active Directory. This time all code you can find below will use Get-Process as a way to show you that you can use any output that comes as a Table.
04 Apr 2019

Leave a comment

You must be logged in to post a comment.